├── .github └── workflows │ └── commitlint.yml ├── .gitignore ├── .gitlab-ci.yml ├── .pre-commit-config.yaml ├── .rstcheck.cfg ├── .rubocop.yml ├── .salt-lint ├── .travis.yml ├── .yamllint ├── AUTHORS.md ├── CHANGELOG.md ├── CODEOWNERS ├── FORMULA ├── Gemfile ├── Gemfile.lock ├── LICENSE ├── bin ├── install-hooks └── kitchen ├── commitlint.config.js ├── docs ├── AUTHORS.rst ├── CHANGELOG.rst └── README.rst ├── kitchen.yml ├── pillar.example ├── pre-commit_semantic-release.sh ├── release-rules.js ├── release.config.js ├── test ├── integration │ ├── default │ │ ├── README.md │ │ ├── controls │ │ │ └── config_spec.rb │ │ └── inspec.yml │ ├── share │ │ ├── README.md │ │ ├── inspec.yml │ │ └── libraries │ │ │ └── system.rb │ └── vimrc │ │ ├── README.md │ │ ├── controls │ │ └── config_spec.rb │ │ └── inspec.yml └── salt │ └── pillar │ ├── default.sls │ └── vimrc.sls └── users ├── _mapdata ├── _mapdata.jinja └── init.sls ├── bashrc.sls ├── defaults.yaml ├── files ├── bashrc │ └── bashrc ├── profile │ └── profile ├── user │ └── .keep └── vimrc │ └── vimrc ├── googleauth.sls ├── init.sls ├── map.jinja ├── polkit.sls ├── profile.sls ├── sudo.sls ├── user_files.sls └── vimrc.sls /.github/workflows/commitlint.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | name: Commitlint 5 | 'on': [pull_request] 6 | 7 | jobs: 8 | lint: 9 | runs-on: ubuntu-latest 10 | env: 11 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # NOTE(review): job-level env exposes the token to every step; no `permissions:` block is declared here, so its scope is the repository default 12 | steps: 13 | - uses: actions/checkout@v2 # NOTE(review): mutable tag; pin to a full commit SHA 14 | with: 15 | fetch-depth: 0 16 | - uses: wagoid/commitlint-github-action@v1 # NOTE(review): third-party action on a mutable tag, run with the token above in its environment; pin to a full commit SHA 17 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 
| build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a packager 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | .kitchen 49 | .kitchen.local.yml 50 | kitchen.local.yml 51 | junit-*.xml 52 | 53 | # Translations 54 | *.mo 55 | *.pot 56 | 57 | # Django stuff: 58 | *.log 59 | local_settings.py 60 | 61 | # Flask stuff: 62 | instance/ 63 | .webassets-cache 64 | 65 | # Scrapy stuff: 66 | .scrapy 67 | 68 | # Sphinx documentation 69 | docs/_build/ 70 | 71 | # PyBuilder 72 | target/ 73 | 74 | # Jupyter Notebook 75 | .ipynb_checkpoints 76 | 77 | # pyenv 78 | .python-version 79 | 80 | # celery beat schedule file 81 | celerybeat-schedule 82 | 83 | # SageMath parsed files 84 | *.sage.py 85 | 86 | # dotenv 87 | .env 88 | 89 | # virtualenv 90 | .venv 91 | venv/ 92 | ENV/ 93 | 94 | # visual studio 95 | .vs/ 96 | 97 | # Spyder project settings 98 | .spyderproject 99 | .spyproject 100 | 101 | # Rope project settings 102 | .ropeproject 103 | 104 | # mkdocs documentation 105 | /site 106 | 107 | # mypy 108 | .mypy_cache/ 109 | 110 | # Bundler 111 | .bundle/ 112 | 113 | # copied `.md` files used for conversion to `.rst` using `m2r` 114 | docs/*.md 115 | 116 | # Vim 117 | *.sw? 
118 | 119 | ## Collected when centralising formulas (check and sort) 120 | # `collectd-formula` 121 | .pytest_cache/ 122 | /.idea/ 123 | Dockerfile.*_* 124 | ignore/ 125 | tmp/ 126 | 127 | # `salt-formula` -- Vagrant Specific files 128 | .vagrant 129 | top.sls 130 | !test/salt/pillar/top.sls 131 | 132 | # `suricata-formula` -- Platform binaries 133 | *.rpm 134 | *.deb 135 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | ############################################################################### 5 | # Define all YAML node anchors 6 | ############################################################################### 7 | .node_anchors: 8 | # `only` (also used for `except` where applicable) 9 | only_branch_master_parent_repo: &only_branch_master_parent_repo 10 | - 'master@saltstack-formulas/users-formula' 11 | # `stage` 12 | stage_lint: &stage_lint 'lint' 13 | stage_release: &stage_release 'release' 14 | stage_test: &stage_test 'test' 15 | # `image` -- NOTE(review): images are referenced by tag, not by `@sha256:` digest, so the content pulled can change between runs; `image_rubocop` tracks `latest`, and `image_semanticrelease` is the image the `semantic-release` job runs with `MAINTAINER_TOKEN` set from `${GH_TOKEN}` 16 | image_commitlint: &image_commitlint 'myii/ssf-commitlint:11' 17 | image_dindruby: &image_dindruby 'myii/ssf-dind-ruby:2.7.1-r3' 18 | image_precommit: &image_precommit 19 | name: 'myii/ssf-pre-commit:2.9.2' 20 | entrypoint: ['/bin/bash', '-c'] 21 | image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest' 22 | image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14' 23 | # `services` -- NOTE(review): `docker:dind` also tracks a moving tag 24 | services_docker_dind: &services_docker_dind 25 | - 'docker:dind' 26 | # `variables` 27 | # https://forum.gitlab.com/t/gitlab-com-ci-caching-rubygems/5627/3 28 | # https://bundler.io/v1.16/bundle_config.html 29 | variables_bundler: &variables_bundler 30 | BUNDLE_CACHE_PATH: '${CI_PROJECT_DIR}/.cache/bundler' 31 | BUNDLE_WITHOUT: 'production' 32 | # `cache` 33 | cache_bundler: &cache_bundler 34 | key: 
'${CI_JOB_STAGE}' 35 | paths: 36 | - '${BUNDLE_CACHE_PATH}' 37 | 38 | ############################################################################### 39 | # Define stages and global variables 40 | ############################################################################### 41 | stages: 42 | - *stage_lint 43 | - *stage_test 44 | - *stage_release 45 | variables: 46 | DOCKER_DRIVER: 'overlay2' 47 | 48 | ############################################################################### 49 | # `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed) 50 | ############################################################################### 51 | commitlint: 52 | stage: *stage_lint 53 | image: *image_commitlint 54 | script: 55 | # Add `upstream` remote to get access to `upstream/master` 56 | - 'git remote add upstream 57 | https://gitlab.com/saltstack-formulas/users-formula.git' 58 | - 'git fetch --all' 59 | # Set default commit hashes for `--from` and `--to` 60 | - 'export COMMITLINT_FROM="$(git merge-base upstream/master HEAD)"' 61 | - 'export COMMITLINT_TO="${CI_COMMIT_SHA}"' 62 | # `coqbot` adds a merge commit to test PRs on top of the latest commit in 63 | # the repo; amend this merge commit message to avoid failure 64 | - | 65 | if [ "${GITLAB_USER_LOGIN}" = "coqbot" ] \ 66 | && [ "${CI_COMMIT_BRANCH}" != "master" ]; then 67 | git commit --amend -m \ 68 | 'chore: reword coqbot merge commit message for commitlint' 69 | export COMMITLINT_TO=HEAD 70 | fi 71 | # Run `commitlint` 72 | - 'commitlint --from "${COMMITLINT_FROM}" 73 | --to "${COMMITLINT_TO}" 74 | --verbose' 75 | 76 | pre-commit: 77 | stage: *stage_lint 78 | image: *image_precommit 79 | # https://pre-commit.com/#gitlab-ci-example 80 | variables: 81 | PRE_COMMIT_HOME: '${CI_PROJECT_DIR}/.cache/pre-commit' 82 | cache: 83 | key: '${CI_JOB_NAME}' 84 | paths: 85 | - '${PRE_COMMIT_HOME}' 86 | script: 87 | - 'pre-commit run --all-files --color always --verbose' 88 | 89 | # Use a separate job for 
`rubocop` other than the one potentially run by `pre-commit` 90 | # - The `pre-commit` check will only be available for formulas that pass the default 91 | # `rubocop` check -- and must continue to do so 92 | # - This job is allowed to fail, so can be used for all formulas 93 | # - Furthermore, this job uses all of the latest `rubocop` features & cops, 94 | # which will help when upgrading the `rubocop` linter used in `pre-commit` 95 | rubocop: 96 | allow_failure: true 97 | stage: *stage_lint 98 | image: *image_rubocop 99 | script: 100 | - 'rubocop -d -P -S --enable-pending-cops' 101 | 102 | ############################################################################### 103 | # Define `test` template 104 | ############################################################################### 105 | .test_instance: &test_instance 106 | stage: *stage_test 107 | image: *image_dindruby 108 | services: *services_docker_dind 109 | variables: *variables_bundler 110 | cache: *cache_bundler 111 | before_script: 112 | # TODO: This should work from the env vars above automatically 113 | - 'bundle config set path "${BUNDLE_CACHE_PATH}"' 114 | - 'bundle config set without "${BUNDLE_WITHOUT}"' 115 | - 'bundle install' 116 | script: 117 | # Alternative value to consider: `${CI_JOB_NAME}` 118 | - 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"' 119 | 120 | ############################################################################### 121 | # Define `test` template (`allow_failure: true`) 122 | ############################################################################### 123 | .test_instance_failure_permitted: 124 | <<: *test_instance 125 | allow_failure: true 126 | 127 | ############################################################################### 128 | # `test` stage: each instance below uses the `test` template above 129 | ############################################################################### 130 | ## Define the rest of the matrix based on Kitchen testing 131 | # Make sure 
the instances listed below match up with 132 | # the `platforms` defined in `kitchen.yml` 133 | # yamllint disable rule:line-length 134 | # default-debian-11-tiamat-py3: {extends: '.test_instance'} 135 | # default-debian-10-tiamat-py3: {extends: '.test_instance'} 136 | # default-debian-9-tiamat-py3: {extends: '.test_instance'} 137 | # default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'} 138 | # default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'} 139 | # default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'} 140 | # default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'} 141 | # default-centos-7-tiamat-py3: {extends: '.test_instance'} 142 | # default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'} 143 | # default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'} 144 | # default-oraclelinux-7-tiamat-py3: {extends: '.test_instance'} 145 | # default-almalinux-8-tiamat-py3: {extends: '.test_instance'} 146 | # default-rockylinux-8-tiamat-py3: {extends: '.test_instance'} 147 | # default-debian-11-master-py3: {extends: '.test_instance'} 148 | vimrc-debian-11-master-py3: {extends: '.test_instance'} 149 | # default-debian-10-master-py3: {extends: '.test_instance'} 150 | vimrc-debian-10-master-py3: {extends: '.test_instance'} 151 | # default-debian-9-master-py3: {extends: '.test_instance'} 152 | vimrc-debian-9-master-py3: {extends: '.test_instance'} 153 | # default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'} 154 | vimrc-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'} 155 | # default-ubuntu-2004-master-py3: {extends: '.test_instance'} 156 | vimrc-ubuntu-2004-master-py3: {extends: '.test_instance'} 157 | # default-ubuntu-1804-master-py3: {extends: '.test_instance'} 158 | vimrc-ubuntu-1804-master-py3: {extends: '.test_instance'} 159 | # default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'} 160 | vimrc-centos-stream8-master-py3: 
{extends: '.test_instance_failure_permitted'} 161 | # default-centos-7-master-py3: {extends: '.test_instance'} 162 | vimrc-centos-7-master-py3: {extends: '.test_instance'} 163 | # default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'} 164 | vimrc-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'} 165 | # default-fedora-35-master-py3: {extends: '.test_instance'} 166 | vimrc-fedora-35-master-py3: {extends: '.test_instance'} 167 | # default-opensuse-leap-153-master-py3: {extends: '.test_instance'} 168 | vimrc-opensuse-leap-153-master-py3: {extends: '.test_instance'} 169 | # default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'} 170 | vimrc-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'} 171 | # default-amazonlinux-2-master-py3: {extends: '.test_instance'} 172 | vimrc-amazonlinux-2-master-py3: {extends: '.test_instance'} 173 | # default-oraclelinux-8-master-py3: {extends: '.test_instance'} 174 | vimrc-oraclelinux-8-master-py3: {extends: '.test_instance'} 175 | # default-oraclelinux-7-master-py3: {extends: '.test_instance'} 176 | vimrc-oraclelinux-7-master-py3: {extends: '.test_instance'} 177 | # default-arch-base-latest-master-py3: {extends: '.test_instance'} 178 | # vimrc-arch-base-latest-master-py3: {extends: '.test_instance'} 179 | # default-gentoo-stage3-latest-master-py3: {extends: '.test_instance'} 180 | # vimrc-gentoo-stage3-latest-master-py3: {extends: '.test_instance'} 181 | # default-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'} 182 | # vimrc-gentoo-stage3-systemd-master-py3: {extends: '.test_instance'} 183 | # default-almalinux-8-master-py3: {extends: '.test_instance'} 184 | vimrc-almalinux-8-master-py3: {extends: '.test_instance'} 185 | # default-rockylinux-8-master-py3: {extends: '.test_instance'} 186 | vimrc-rockylinux-8-master-py3: {extends: '.test_instance'} 187 | # default-debian-11-3004-1-py3: {extends: '.test_instance'} 188 | # 
default-debian-10-3004-1-py3: {extends: '.test_instance'} 189 | # default-debian-9-3004-1-py3: {extends: '.test_instance'} 190 | # default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'} 191 | # default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'} 192 | # default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'} 193 | # default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'} 194 | # default-centos-7-3004-1-py3: {extends: '.test_instance'} 195 | # default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'} 196 | # default-fedora-35-3004-1-py3: {extends: '.test_instance'} 197 | # default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'} 198 | # default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'} 199 | # default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'} 200 | # default-arch-base-latest-3004-1-py3: {extends: '.test_instance'} 201 | # default-gentoo-stage3-latest-3004-1-py3: {extends: '.test_instance'} 202 | # default-gentoo-stage3-systemd-3004-1-py3: {extends: '.test_instance'} 203 | # default-almalinux-8-3004-1-py3: {extends: '.test_instance'} 204 | # default-rockylinux-8-3004-1-py3: {extends: '.test_instance'} 205 | # default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'} 206 | # default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'} 207 | # default-debian-10-3003-4-py3: {extends: '.test_instance'} 208 | # default-debian-9-3003-4-py3: {extends: '.test_instance'} 209 | # default-ubuntu-2004-3003-4-py3: {extends: '.test_instance'} 210 | # default-ubuntu-1804-3003-4-py3: {extends: '.test_instance'} 211 | # default-centos-stream8-3003-4-py3: {extends: '.test_instance_failure_permitted'} 212 | # default-centos-7-3003-4-py3: {extends: '.test_instance'} 213 | # default-amazonlinux-2-3003-4-py3: {extends: '.test_instance'} 214 | # default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'} 215 | # default-oraclelinux-7-3003-4-py3: 
{extends: '.test_instance'} 216 | # default-almalinux-8-3003-4-py3: {extends: '.test_instance'} 217 | # yamllint enable rule:line-length 218 | 219 | ############################################################################### 220 | # `release` stage: `semantic-release` 221 | ############################################################################### 222 | semantic-release: 223 | only: *only_branch_master_parent_repo 224 | stage: *stage_release 225 | image: *image_semanticrelease 226 | variables: 227 | MAINTAINER_TOKEN: '${GH_TOKEN}' 228 | script: 229 | # Update `AUTHORS.md` 230 | - '${HOME}/go/bin/maintainer contributor' 231 | # Run `semantic-release` 232 | - 'semantic-release' 233 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | # See https://pre-commit.com for more information 5 | # See https://pre-commit.com/hooks.html for more hooks 6 | ci: 7 | autofix_commit_msg: | 8 | ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks 9 | 10 | For more information, see https://pre-commit.ci 11 | autofix_prs: true 12 | autoupdate_branch: '' 13 | autoupdate_commit_msg: | 14 | ci(pre-commit.ci): perform `pre-commit` autoupdate 15 | autoupdate_schedule: quarterly 16 | skip: [] 17 | submodules: false 18 | default_stages: [commit] 19 | repos: 20 | - repo: https://github.com/dafyddj/commitlint-pre-commit-hook 21 | rev: v2.3.0 22 | hooks: 23 | - id: commitlint 24 | name: Check commit message using commitlint 25 | description: Lint commit message against @commitlint/config-conventional rules 26 | stages: [commit-msg] 27 | additional_dependencies: ['@commitlint/config-conventional@8.3.4'] 28 | - id: commitlint-travis 29 | stages: [manual] 30 | additional_dependencies: ['@commitlint/config-conventional@8.3.4'] 31 | always_run: true 32 | - repo: 
https://github.com/rubocop-hq/rubocop 33 | rev: v1.30.1 34 | hooks: 35 | - id: rubocop 36 | name: Check Ruby files with rubocop 37 | args: [--debug] 38 | always_run: true 39 | pass_filenames: false 40 | - repo: https://github.com/shellcheck-py/shellcheck-py 41 | rev: v0.8.0.4 42 | hooks: 43 | - id: shellcheck 44 | name: Check shell scripts with shellcheck 45 | files: ^.*\.(sh|bash|ksh)$ 46 | types: [] 47 | - repo: https://github.com/adrienverge/yamllint 48 | rev: v1.26.3 49 | hooks: 50 | - id: yamllint 51 | name: Check YAML syntax with yamllint 52 | args: [--strict, '.'] 53 | always_run: true 54 | pass_filenames: false 55 | - repo: https://github.com/warpnet/salt-lint 56 | rev: v0.8.0 57 | hooks: 58 | - id: salt-lint 59 | name: Check Salt files using salt-lint 60 | files: ^.*\.(sls|jinja|j2|tmpl|tst)$ 61 | - repo: https://github.com/myint/rstcheck 62 | rev: 3f929574 63 | hooks: 64 | - id: rstcheck 65 | name: Check reST files using rstcheck 66 | exclude: 'docs/CHANGELOG.rst' 67 | - repo: https://github.com/saltstack-formulas/mirrors-rst-lint 68 | rev: v1.3.2 69 | hooks: 70 | - id: rst-lint 71 | name: Check reST files using rst-lint 72 | exclude: | 73 | (?x)^( 74 | docs/CHANGELOG.rst| 75 | docs/TOFS_pattern.rst| 76 | )$ 77 | additional_dependencies: [pygments==2.9.0] 78 | -------------------------------------------------------------------------------- /.rstcheck.cfg: -------------------------------------------------------------------------------- 1 | [rstcheck] 2 | report=info 3 | ignore_language=rst 4 | ignore_messages=(Duplicate (ex|im)plicit target.*|Hyperlink target ".*" is not referenced\.$) 5 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | # General overrides used across formulas in the org 5 | Layout/LineLength: 6 | # Increase from default of `80` 7 | # Based on 
https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) 8 | Max: 88 9 | Metrics/BlockLength: 10 | IgnoredMethods: 11 | - control 12 | - describe 13 | # Increase from default of `25` 14 | Max: 30 15 | Security/YAMLLoad: # NOTE(review): turns off the unsafe `YAML.load` check for the excluded path; the repository tree on this page lists no `_mapdata.rb` under `test/integration`, so confirm the exclusion is still needed 16 | Exclude: 17 | - test/integration/**/_mapdata.rb 18 | 19 | # General settings across all cops in this formula 20 | AllCops: 21 | NewCops: enable 22 | 23 | # Any offenses that should be fixed, e.g. collected via `rubocop --auto-gen-config` 24 | -------------------------------------------------------------------------------- /.salt-lint: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | exclude_paths: [] 5 | rules: {} 6 | skip_list: 7 | # Using `salt-lint` for linting other files as well, such as Jinja macros/templates 8 | - 205 # Use ".sls" as a Salt State file extension 9 | # Skipping `207` and `208` because `210` is sufficient, at least for the time-being 10 | # I.e. Allows 3-digit unquoted codes to still be used, such as `644` and `755` 11 | - 207 # File modes should always be encapsulated in quotation marks 12 | - 208 # File modes should always contain a leading zero 13 | tags: [] 14 | verbosity: 1 15 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | ################################################################################ 5 | # NOTE: This file is UNMAINTAINED; it is provided for reference purposes only. 6 | # No guarantees are tendered that this structure will work after 2020. 7 | ################################################################################ 8 | # * https://en.wikipedia.org/wiki/Travis_CI: 9 | # - "... 
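free open-source plans were removed in [sic] the end of 2020" 10 | # - https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing 11 | # - https://ropensci.org/technotes/2020/11/19/moving-away-travis/ 12 | ################################################################################ 13 | ## Machine config 14 | os: 'linux' 15 | arch: 'amd64' 16 | dist: 'bionic' 17 | version: '~> 1.0' 18 | 19 | ## Language and cache config 20 | language: 'ruby' 21 | cache: 'bundler' 22 | 23 | ## Services config 24 | services: 25 | - docker 26 | 27 | ## Script to run for the test stage 28 | script: 29 | - bin/kitchen verify "${INSTANCE}" 30 | 31 | ## Stages and jobs matrix 32 | stages: 33 | - test 34 | # # As part of the switch away from Travis CI, ensure that the `release` stage 35 | # # is not run inadvertently 36 | # - name: 'release' 37 | # if: 'branch = master AND type != pull_request' 38 | jobs: 39 | include: 40 | ## Define the test stage that runs the linters (and testing matrix, if applicable) 41 | 42 | # Run all of the linters in a single job 43 | - language: 'node_js' 44 | node_js: 'lts/*' 45 | env: 'Lint' 46 | name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint' 47 | before_install: 'skip' 48 | script: 49 | # Install and run `salt-lint` 50 | - pip install --user salt-lint 51 | - git ls-files -- '*.sls' '*.jinja' '*.j2' '*.tmpl' '*.tst' 52 | | xargs salt-lint 53 | # Install and run `yamllint` 54 | # Need at least `v1.17.0` for the `yaml-files` setting (requirement quoted: a bare `>` is a shell redirect, which drops the version bound and writes a file named `=1.17.0`) 55 | - pip install --user 'yamllint>=1.17.0' 56 | - yamllint -s . 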
57 | # Install and run `rubocop` 58 | - gem install rubocop 59 | - rubocop -d 60 | # Run `shellcheck` (already pre-installed in Travis) 61 | - shellcheck --version 62 | - git ls-files -- '*.sh' '*.bash' '*.ksh' 63 | | xargs shellcheck 64 | # Install and run `commitlint` 65 | - npm i -D @commitlint/config-conventional 66 | @commitlint/travis-cli 67 | - commitlint-travis 68 | 69 | # Run `pre-commit` linters in a single job 70 | - language: 'python' 71 | env: 'Lint_pre-commit' 72 | name: 'Lint: pre-commit' 73 | before_install: 'skip' 74 | cache: 75 | directories: 76 | - $HOME/.cache/pre-commit 77 | script: 78 | # Install and run `pre-commit` 79 | - pip install pre-commit==2.7.1 80 | - pre-commit run --all-files --color always --verbose 81 | - pre-commit run --color always --hook-stage manual --verbose commitlint-travis 82 | 83 | ## Define the rest of the matrix based on Kitchen testing 84 | # Make sure the instances listed below match up with 85 | # the `platforms` defined in `kitchen.yml` 86 | # - env: INSTANCE=default-debian-11-tiamat-py3 87 | # - env: INSTANCE=default-debian-10-tiamat-py3 88 | # - env: INSTANCE=default-debian-9-tiamat-py3 89 | # - env: INSTANCE=default-ubuntu-2204-tiamat-py3 90 | # - env: INSTANCE=default-ubuntu-2004-tiamat-py3 91 | # - env: INSTANCE=default-ubuntu-1804-tiamat-py3 92 | # - env: INSTANCE=default-centos-stream8-tiamat-py3 93 | # - env: INSTANCE=default-centos-7-tiamat-py3 94 | # - env: INSTANCE=default-amazonlinux-2-tiamat-py3 95 | # - env: INSTANCE=default-oraclelinux-8-tiamat-py3 96 | # - env: INSTANCE=default-oraclelinux-7-tiamat-py3 97 | # - env: INSTANCE=default-almalinux-8-tiamat-py3 98 | # - env: INSTANCE=default-rockylinux-8-tiamat-py3 99 | # - env: INSTANCE=default-debian-11-master-py3 100 | - env: INSTANCE=vimrc-debian-11-master-py3 101 | # - env: INSTANCE=default-debian-10-master-py3 102 | - env: INSTANCE=vimrc-debian-10-master-py3 103 | # - env: INSTANCE=default-debian-9-master-py3 104 | - env: 
INSTANCE=vimrc-debian-9-master-py3 105 | # - env: INSTANCE=default-ubuntu-2204-master-py3 106 | - env: INSTANCE=vimrc-ubuntu-2204-master-py3 107 | # - env: INSTANCE=default-ubuntu-2004-master-py3 108 | - env: INSTANCE=vimrc-ubuntu-2004-master-py3 109 | # - env: INSTANCE=default-ubuntu-1804-master-py3 110 | - env: INSTANCE=vimrc-ubuntu-1804-master-py3 111 | # - env: INSTANCE=default-centos-stream8-master-py3 112 | - env: INSTANCE=vimrc-centos-stream8-master-py3 113 | # - env: INSTANCE=default-centos-7-master-py3 114 | - env: INSTANCE=vimrc-centos-7-master-py3 115 | # - env: INSTANCE=default-fedora-36-master-py3 116 | - env: INSTANCE=vimrc-fedora-36-master-py3 117 | # - env: INSTANCE=default-fedora-35-master-py3 118 | - env: INSTANCE=vimrc-fedora-35-master-py3 119 | # - env: INSTANCE=default-opensuse-leap-153-master-py3 120 | - env: INSTANCE=vimrc-opensuse-leap-153-master-py3 121 | # - env: INSTANCE=default-opensuse-tmbl-latest-master-py3 122 | - env: INSTANCE=vimrc-opensuse-tmbl-latest-master-py3 123 | # - env: INSTANCE=default-amazonlinux-2-master-py3 124 | - env: INSTANCE=vimrc-amazonlinux-2-master-py3 125 | # - env: INSTANCE=default-oraclelinux-8-master-py3 126 | - env: INSTANCE=vimrc-oraclelinux-8-master-py3 127 | # - env: INSTANCE=default-oraclelinux-7-master-py3 128 | - env: INSTANCE=vimrc-oraclelinux-7-master-py3 129 | # - env: INSTANCE=default-arch-base-latest-master-py3 130 | # - env: INSTANCE=vimrc-arch-base-latest-master-py3 131 | # - env: INSTANCE=default-gentoo-stage3-latest-master-py3 132 | # - env: INSTANCE=vimrc-gentoo-stage3-latest-master-py3 133 | # - env: INSTANCE=default-gentoo-stage3-systemd-master-py3 134 | # - env: INSTANCE=vimrc-gentoo-stage3-systemd-master-py3 135 | # - env: INSTANCE=default-almalinux-8-master-py3 136 | - env: INSTANCE=vimrc-almalinux-8-master-py3 137 | # - env: INSTANCE=default-rockylinux-8-master-py3 138 | - env: INSTANCE=vimrc-rockylinux-8-master-py3 139 | # - env: INSTANCE=default-debian-11-3004-1-py3 140 | # - env: 
INSTANCE=default-debian-10-3004-1-py3 141 | # - env: INSTANCE=default-debian-9-3004-1-py3 142 | # - env: INSTANCE=default-ubuntu-2204-3004-1-py3 143 | # - env: INSTANCE=default-ubuntu-2004-3004-1-py3 144 | # - env: INSTANCE=default-ubuntu-1804-3004-1-py3 145 | # - env: INSTANCE=default-centos-stream8-3004-1-py3 146 | # - env: INSTANCE=default-centos-7-3004-1-py3 147 | # - env: INSTANCE=default-fedora-36-3004-1-py3 148 | # - env: INSTANCE=default-fedora-35-3004-1-py3 149 | # - env: INSTANCE=default-amazonlinux-2-3004-1-py3 150 | # - env: INSTANCE=default-oraclelinux-8-3004-1-py3 151 | # - env: INSTANCE=default-oraclelinux-7-3004-1-py3 152 | # - env: INSTANCE=default-arch-base-latest-3004-1-py3 153 | # - env: INSTANCE=default-gentoo-stage3-latest-3004-1-py3 154 | # - env: INSTANCE=default-gentoo-stage3-systemd-3004-1-py3 155 | # - env: INSTANCE=default-almalinux-8-3004-1-py3 156 | # - env: INSTANCE=default-rockylinux-8-3004-1-py3 157 | # - env: INSTANCE=default-opensuse-leap-153-3004-0-py3 158 | # - env: INSTANCE=default-opensuse-tmbl-latest-3004-0-py3 159 | # - env: INSTANCE=default-debian-10-3003-4-py3 160 | # - env: INSTANCE=default-debian-9-3003-4-py3 161 | # - env: INSTANCE=default-ubuntu-2004-3003-4-py3 162 | # - env: INSTANCE=default-ubuntu-1804-3003-4-py3 163 | # - env: INSTANCE=default-centos-stream8-3003-4-py3 164 | # - env: INSTANCE=default-centos-7-3003-4-py3 165 | # - env: INSTANCE=default-amazonlinux-2-3003-4-py3 166 | # - env: INSTANCE=default-oraclelinux-8-3003-4-py3 167 | # - env: INSTANCE=default-oraclelinux-7-3003-4-py3 168 | # - env: INSTANCE=default-almalinux-8-3003-4-py3 169 | 170 | ## Define the release stage that runs `semantic-release` 171 | - stage: 'release' 172 | language: 'node_js' 173 | node_js: 'lts/*' 174 | env: 'Release' 175 | name: 'Run semantic-release inc. 
file updates to AUTHORS, CHANGELOG & FORMULA' 176 | before_install: 'skip' 177 | script: 178 | # Update `AUTHORS.md` -- NOTE(review): `go get` below fetches an unpinned module in the same script that has just exported the token 179 | - export MAINTAINER_TOKEN=${GH_TOKEN} 180 | - go get github.com/myii/maintainer 181 | - maintainer contributor 182 | 183 | # Install all dependencies required for `semantic-release` 184 | - npm i -D @semantic-release/changelog@3 185 | @semantic-release/exec@3 186 | @semantic-release/git@7 187 | deploy: 188 | provider: 'script' 189 | # Opt-in to `dpl v2` to complete the Travis build config validation (beta) 190 | # * https://docs.travis-ci.com/user/build-config-validation 191 | # Deprecated `skip_cleanup` can now be avoided, `cleanup: false` is the default 192 | edge: true 193 | # Run `semantic-release` 194 | script: 'npx semantic-release@15.14' 195 | 196 | # Notification options: `always`, `never` or `change` 197 | notifications: 198 | webhooks: 199 | if: 'repo = saltstack-formulas/users-formula' 200 | urls: # NOTE(review): the `api_key` query parameter below is a credential committed in clear text; presumably anyone who can read the repository can post to the `CI` stream with it -- rotate the key and supply the URL from an encrypted CI value 201 | - https://saltstack-formulas.zulipchat.com/api/v1/external/travis?api_key=HsIq3o5QmLxdnVCKF9is0FUIpkpAY79P&stream=CI&topic=saltstack-formulas%2Fusers-formula&ignore_pull_requests=true 202 | on_success: always # default: always 203 | on_failure: always # default: always 204 | on_start: always # default: never 205 | on_cancel: always # default: always 206 | on_error: always # default: always 207 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | # Extend the `default` configuration provided by `yamllint` 5 | extends: 'default' 6 | 7 | # Files to ignore completely 8 | # 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally 9 | # 2. All YAML files under directory `.cache/`, introduced during the CI run 10 | # 3. All YAML files under directory `.git/` 11 | # 4. 
All YAML files under directory `node_modules/`, introduced during the CI run 12 | # 5. Any SLS files under directory `test/`, which are actually state files 13 | # 6. Any YAML files under directory `.kitchen/`, introduced during local testing 14 | # 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax 15 | ignore: | 16 | .bundle/ 17 | .cache/ 18 | .git/ 19 | node_modules/ 20 | test/**/states/**/*.sls 21 | .kitchen/ 22 | kitchen.vagrant.yml 23 | 24 | yaml-files: 25 | # Default settings 26 | - '*.yaml' 27 | - '*.yml' 28 | - .salt-lint 29 | - .yamllint 30 | # SaltStack Formulas additional settings 31 | - '*.example' 32 | - test/**/*.sls 33 | 34 | rules: 35 | empty-values: 36 | forbid-in-block-mappings: true 37 | forbid-in-flow-mappings: true 38 | line-length: 39 | # Increase from default of `80` 40 | # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) 41 | max: 88 42 | octal-values: 43 | forbid-implicit-octal: true 44 | forbid-explicit-octal: true 45 | -------------------------------------------------------------------------------- /AUTHORS.md: -------------------------------------------------------------------------------- 1 | # Authors 2 | 3 | This list is sorted by the number of commits per contributor in _descending_ order. 
4 | 5 | Avatar|Contributor|Contributions 6 | :-:|---|:-: 7 | @myii|[@myii](https://github.com/myii)|143 8 | @aboe76|[@aboe76](https://github.com/aboe76)|42 9 | @gravyboat|[@gravyboat](https://github.com/gravyboat)|30 10 | @puneetk|[@puneetk](https://github.com/puneetk)|14 11 | @noelmcloughlin|[@noelmcloughlin](https://github.com/noelmcloughlin)|14 12 | @nmadhok|[@nmadhok](https://github.com/nmadhok)|13 13 | @whiteinge|[@whiteinge](https://github.com/whiteinge)|13 14 | @techhat|[@techhat](https://github.com/techhat)|10 15 | @hatifnatt|[@hatifnatt](https://github.com/hatifnatt)|10 16 | @babilen|[@babilen](https://github.com/babilen)|9 17 | @kossmac|[@kossmac](https://github.com/kossmac)|7 18 | @arthurzenika|[@arthurzenika](https://github.com/arthurzenika)|6 19 | @alxwr|[@alxwr](https://github.com/alxwr)|6 20 | @pprkut|[@pprkut](https://github.com/pprkut)|5 21 | @bkmit|[@bkmit](https://github.com/bkmit)|4 22 | @stp-ip|[@stp-ip](https://github.com/stp-ip)|4 23 | @spoage|[@spoage](https://github.com/spoage)|4 24 | @madflojo|[@madflojo](https://github.com/madflojo)|4 25 | @tiger-seo|[@tiger-seo](https://github.com/tiger-seo)|4 26 | @daschatten|[@daschatten](https://github.com/daschatten)|4 27 | @ashb|[@ashb](https://github.com/ashb)|3 28 | @dafyddj|[@dafyddj](https://github.com/dafyddj)|3 29 | @tardypad|[@tardypad](https://github.com/tardypad)|3 30 | @javierbertoli|[@javierbertoli](https://github.com/javierbertoli)|3 31 | @johtso|[@johtso](https://github.com/johtso)|3 32 | @TJuberg|[@TJuberg](https://github.com/TJuberg)|3 33 | @outime|[@outime](https://github.com/outime)|3 34 | @ashokrajar|[@ashokrajar](https://github.com/ashokrajar)|3 35 | @0xf10e|[@0xf10e](https://github.com/0xf10e)|3 36 | @jasonvoor|[@jasonvoor](https://github.com/jasonvoor)|3 37 | @IMBArator|[@IMBArator](https://github.com/IMBArator)|3 38 | @auser|[@auser](https://github.com/auser)|3 39 | @hipikat|[@hipikat](https://github.com/hipikat)|2 40 | @amontalban|[@amontalban](https://github.com/amontalban)|2 
41 | @sacr0|[@sacr0](https://github.com/sacr0)|2 42 | @bsundsrud|[@bsundsrud](https://github.com/bsundsrud)|2 43 | @iggy|[@iggy](https://github.com/iggy)|2 44 | @eedgar|[@eedgar](https://github.com/eedgar)|2 45 | @duk3luk3|[@duk3luk3](https://github.com/duk3luk3)|2 46 | @jerryjvl|[@jerryjvl](https://github.com/jerryjvl)|2 47 | @t0fik|[@t0fik](https://github.com/t0fik)|2 48 | @xenophonf|[@xenophonf](https://github.com/xenophonf)|2 49 | @rhertzog|[@rhertzog](https://github.com/rhertzog)|2 50 | @roedie|[@roedie](https://github.com/roedie)|2 51 | @sevrob|[@sevrob](https://github.com/sevrob)|2 52 | @qno|[@qno](https://github.com/qno)|2 53 | @tomduijf|[@tomduijf](https://github.com/tomduijf)|2 54 | @xen0n|[@xen0n](https://github.com/xen0n)|2 55 | @jraby|[@jraby](https://github.com/jraby)|2 56 | @luitzifa|[@luitzifa](https://github.com/luitzifa)|2 57 | @gnuts|[@gnuts](https://github.com/gnuts)|2 58 | @sroegner|[@sroegner](https://github.com/sroegner)|2 59 | @c10b10|[@c10b10](https://github.com/c10b10)|1 60 | @andrew-vant|[@andrew-vant](https://github.com/andrew-vant)|1 61 | @colekowalski|[@colekowalski](https://github.com/colekowalski)|1 62 | @baby-gnu|[@baby-gnu](https://github.com/baby-gnu)|1 63 | @UtahDave|[@UtahDave](https://github.com/UtahDave)|1 64 | @diegows|[@diegows](https://github.com/diegows)|1 65 | @daks|[@daks](https://github.com/daks)|1 66 | @mitt-fn|[@mitt-fn](https://github.com/mitt-fn)|1 67 | @cornmander|[@cornmander](https://github.com/cornmander)|1 68 | @glecoquierre|[@glecoquierre](https://github.com/glecoquierre)|1 69 | @dulgheru|[@dulgheru](https://github.com/dulgheru)|1 70 | @inthecloud247|[@inthecloud247](https://github.com/inthecloud247)|1 71 | @chenmen|[@chenmen](https://github.com/chenmen)|1 72 | @philpep|[@philpep](https://github.com/philpep)|1 73 | @ChronoPositron|[@ChronoPositron](https://github.com/ChronoPositron)|1 74 | @Cottser|[@Cottser](https://github.com/Cottser)|1 75 | @SMillerDev|[@SMillerDev](https://github.com/SMillerDev)|1 76 | 
@skandyla|[@skandyla](https://github.com/skandyla)|1 77 | @iamseth|[@iamseth](https://github.com/iamseth)|1 78 | @shawnbutts|[@shawnbutts](https://github.com/shawnbutts)|1 79 | @smlloyd|[@smlloyd](https://github.com/smlloyd)|1 80 | @SkypLabs|[@SkypLabs](https://github.com/SkypLabs)|1 81 | @slawekp|[@slawekp](https://github.com/slawekp)|1 82 | @soniah|[@soniah](https://github.com/soniah)|1 83 | @titilambert|[@titilambert](https://github.com/titilambert)|1 84 | @TimJones|[@TimJones](https://github.com/TimJones)|1 85 | @tobio|[@tobio](https://github.com/tobio)|1 86 | @tomasfejfar|[@tomasfejfar](https://github.com/tomasfejfar)|1 87 | @unilogicbv|[@unilogicbv](https://github.com/unilogicbv)|1 88 | @adnanJP|[@adnanJP](https://github.com/adnanJP)|1 89 | @ketzacoatl|[@ketzacoatl](https://github.com/ketzacoatl)|1 90 | @mikepietruszka|[@mikepietruszka](https://github.com/mikepietruszka)|1 91 | @nike38rus|[@nike38rus](https://github.com/nike38rus)|1 92 | 93 | --- 94 | 95 | Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2022-06-09. 96 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | ## [0.48.8](https://github.com/saltstack-formulas/users-formula/compare/v0.48.7...v0.48.8) (2022-06-09) 4 | 5 | 6 | ### Bug Fixes 7 | 8 | * **googleauth:** ensure newline is preserved in `repl` of `file.replace` ([1dd5f32](https://github.com/saltstack-formulas/users-formula/commit/1dd5f32a52b2e20b1fd58b23b260217b0144ad63)) 9 | 10 | 11 | ### Continuous Integration 12 | 13 | * update `pre-commit` configuration inc. 
for pre-commit.ci [skip ci] ([8dce714](https://github.com/saltstack-formulas/users-formula/commit/8dce714dcd6205bebf903be01acf2d99a892c9d8)) 14 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] ([6ebb05a](https://github.com/saltstack-formulas/users-formula/commit/6ebb05a00289a3f27de3f24995610e7659f450f3)) 15 | 16 | 17 | ### Tests 18 | 19 | * **system:** add `build_platform_codename` [skip ci] ([95cefb3](https://github.com/saltstack-formulas/users-formula/commit/95cefb36ab62ea2bca792cf4080f69b4cef2697c)) 20 | * **system.rb:** add support for `mac_os_x` [skip ci] ([321fdcf](https://github.com/saltstack-formulas/users-formula/commit/321fdcfd975faae3ae08b3df3d5d0a6bd6d39e6b)) 21 | 22 | ## [0.48.7](https://github.com/saltstack-formulas/users-formula/compare/v0.48.6...v0.48.7) (2022-02-13) 23 | 24 | 25 | ### Code Refactoring 26 | 27 | * **salt-lint:** fix violation ([696139a](https://github.com/saltstack-formulas/users-formula/commit/696139a841b4984e0a20965c6156752d9de79941)) 28 | 29 | 30 | ### Continuous Integration 31 | 32 | * update linters to latest versions [skip ci] ([a4fb2c6](https://github.com/saltstack-formulas/users-formula/commit/a4fb2c638070a36d9cd7b48406a00e2bfd1611e7)) 33 | * **3003.1:** update inc. 
AlmaLinux, Rocky & `rst-lint` [skip ci] ([ec9506d](https://github.com/saltstack-formulas/users-formula/commit/ec9506da14f4bfb089b90b87fb3144d07fa6f2e7)) 34 | * **commitlint:** ensure `upstream/master` uses main repo URL [skip ci] ([2f0db66](https://github.com/saltstack-formulas/users-formula/commit/2f0db666e49838ab58dd644a0f76201f8a24b2e8)) 35 | * **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] ([47cfe0e](https://github.com/saltstack-formulas/users-formula/commit/47cfe0ecd7ff697562da5a37e046ce1d18a105b6)) 36 | * **gemfile+lock:** use `ssf` customised `inspec` repo [skip ci] ([6ad3c6a](https://github.com/saltstack-formulas/users-formula/commit/6ad3c6a1482a24b24bef33aab14808003852e560)) 37 | * **gemfile+lock:** use `ssf` customised `kitchen-docker` repo [skip ci] ([8698fa5](https://github.com/saltstack-formulas/users-formula/commit/8698fa535f294d1165549fc41998e2a124e78cc8)) 38 | * **gitlab-ci:** add `rubocop` linter (with `allow_failure`) [skip ci] ([9b8b6e6](https://github.com/saltstack-formulas/users-formula/commit/9b8b6e6a82aa300933ea2d3e0c05fc265fa53195)) 39 | * **gitlab-ci:** use GitLab CI as Travis CI replacement ([3c879df](https://github.com/saltstack-formulas/users-formula/commit/3c879df9535578edbca4a6592571ccd16aff6148)) 40 | * **kitchen:** move `provisioner` block & update `run_command` [skip ci] ([72c64ad](https://github.com/saltstack-formulas/users-formula/commit/72c64adbea8f2e31c3b6d6bb54b5f6f9e6e9437d)) 41 | * **kitchen+ci:** update with `3004` pre-salted images/boxes [skip ci] ([4a8452a](https://github.com/saltstack-formulas/users-formula/commit/4a8452a266300d5c40429b7c1a4276c96afb1519)) 42 | * **kitchen+ci:** update with latest `3003.2` pre-salted images [skip ci] ([6de2acb](https://github.com/saltstack-formulas/users-formula/commit/6de2acbe93aba57bdfb5be6c45049796f1f0e3a9)) 43 | * **kitchen+ci:** update with latest CVE pre-salted images [skip ci] 
([22c21e4](https://github.com/saltstack-formulas/users-formula/commit/22c21e490e7f693c9a12c4d2b996f263c9ebe5c0)) 44 | * **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] ([dabc4b7](https://github.com/saltstack-formulas/users-formula/commit/dabc4b742ada383a7e5f6c4f376381380106e6d2)) 45 | * **kitchen+gitlab:** adjust matrix to add `3003` [skip ci] ([34c757a](https://github.com/saltstack-formulas/users-formula/commit/34c757a9bb9967530168a3f4892c7c8c8d5b79ba)) 46 | * **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([3935693](https://github.com/saltstack-formulas/users-formula/commit/3935693b589ead4b4a479a10c5a0216ab5b39f7f)) 47 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] ([0bff9fb](https://github.com/saltstack-formulas/users-formula/commit/0bff9fba4cf56154e5e5247639da90870d837c0a)) 48 | * add `arch-master` to matrix and update `.travis.yml` [skip ci] ([632dc3c](https://github.com/saltstack-formulas/users-formula/commit/632dc3cc4b0d957bdb6bc51b942e37688163cb5e)) 49 | * add Debian 11 Bullseye & update `yamllint` configuration [skip ci] ([0c49302](https://github.com/saltstack-formulas/users-formula/commit/0c493020eef811bc95beea9674ecdbc229a1e7a8)) 50 | * **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] ([c260fe7](https://github.com/saltstack-formulas/users-formula/commit/c260fe712669632c3f25c3cd1d778d70f9c7f88a)) 51 | * **pre-commit:** add to formula [skip ci] ([d0e7c0a](https://github.com/saltstack-formulas/users-formula/commit/d0e7c0a19e940fecefd0df5c2061cf50d733da73)) 52 | * **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([013b2cd](https://github.com/saltstack-formulas/users-formula/commit/013b2cd3b84b80b32fae966d10b92f9da979ecf0)) 53 | * **pre-commit:** finalise `rstcheck` configuration [skip ci] ([89c3c8f](https://github.com/saltstack-formulas/users-formula/commit/89c3c8f80606fd9266267c35a34e907b214ebca3)) 54 | * **pre-commit:** update hook for `rubocop` [skip ci] 
([0e7c6a3](https://github.com/saltstack-formulas/users-formula/commit/0e7c6a38969aea06d1b2c9e9c0135e71717dca5c)) 55 | 56 | 57 | ### Documentation 58 | 59 | * **readme:** fix headings [skip ci] ([7d06cd5](https://github.com/saltstack-formulas/users-formula/commit/7d06cd56dd2ed355f5117a88d91749a0639dca64)) 60 | 61 | 62 | ### Tests 63 | 64 | * standardise use of `share` suite & `_mapdata` state [skip ci] ([2a7c0de](https://github.com/saltstack-formulas/users-formula/commit/2a7c0de4aaf287a56ff96cabd900531740f097f5)) 65 | 66 | ## [0.48.6](https://github.com/saltstack-formulas/users-formula/compare/v0.48.5...v0.48.6) (2020-10-02) 67 | 68 | 69 | ### Styles 70 | 71 | * quote numbers and file modes ([db30289](https://github.com/saltstack-formulas/users-formula/commit/db302890460c6ac079bacb34a5c4f0b304fffe69)) 72 | 73 | ## [0.48.5](https://github.com/saltstack-formulas/users-formula/compare/v0.48.4...v0.48.5) (2020-07-25) 74 | 75 | 76 | ### Bug Fixes 77 | 78 | * **macos:** gid must be numeric on macos ([9517e4b](https://github.com/saltstack-formulas/users-formula/commit/9517e4b069d130b442562ed28fa9641cfebeb698)) 79 | 80 | 81 | ### Continuous Integration 82 | 83 | * **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([40f8e2d](https://github.com/saltstack-formulas/users-formula/commit/40f8e2d181f6ab345d205da95013bab8370afaf0)) 84 | * **gemfile.lock:** add to repo with updated `Gemfile` [skip ci] ([ad7e8f7](https://github.com/saltstack-formulas/users-formula/commit/ad7e8f7cab43fb01b8a3a6651e1adf96241e63cf)) 85 | * **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([4441c59](https://github.com/saltstack-formulas/users-formula/commit/4441c597bd6425b5e5d79ced23d2c43790ec184e)) 86 | * **kitchen:** use `saltimages` Docker Hub where available [skip ci] ([c12272e](https://github.com/saltstack-formulas/users-formula/commit/c12272eaae0440808f8c00ac5ac2f66ea5174f17)) 87 | * **kitchen+travis:** remove `master-py2-arch-base-latest` [skip ci] 
([892868f](https://github.com/saltstack-formulas/users-formula/commit/892868f3b52dfb1f3aaa2760bf37635b94eb2d29)) 88 | * **travis:** add notifications => zulip [skip ci] ([628a430](https://github.com/saltstack-formulas/users-formula/commit/628a4306814bb69af750f35c7fa077662033a19b)) 89 | * **travis:** apply changes from build config validation [skip ci] ([9f76672](https://github.com/saltstack-formulas/users-formula/commit/9f766728d4f8c44ed791dcc28e049c890331746d)) 90 | * **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([9a983a4](https://github.com/saltstack-formulas/users-formula/commit/9a983a4c2aee5e097f16378885ab7d6cad490509)) 91 | * **travis:** quote pathspecs used with `git ls-files` [skip ci] ([f9f8f13](https://github.com/saltstack-formulas/users-formula/commit/f9f8f13693307695d6b6d8ca0aa2a9dcaa82c0c0)) 92 | * **travis:** run `shellcheck` during lint job [skip ci] ([e09c822](https://github.com/saltstack-formulas/users-formula/commit/e09c8221657338baabf73c97902174513009f63b)) 93 | * **travis:** use `major.minor` for `semantic-release` version [skip ci] ([0afebc6](https://github.com/saltstack-formulas/users-formula/commit/0afebc6fc36e1df818640bdddf6136841611243e)) 94 | * **travis:** use build config validation (beta) [skip ci] ([0ddb90e](https://github.com/saltstack-formulas/users-formula/commit/0ddb90e6b546215e4de07b8257a89fc874f80d8b)) 95 | * **workflows/commitlint:** add to repo [skip ci] ([7419dda](https://github.com/saltstack-formulas/users-formula/commit/7419dda3a4791044b8dd637cfcb8daedc637a2a8)) 96 | 97 | ## [0.48.4](https://github.com/saltstack-formulas/users-formula/compare/v0.48.3...v0.48.4) (2019-11-08) 98 | 99 | 100 | ### Bug Fixes 101 | 102 | * **vimrc:** ensure `vimrc` state runs ([a1ef7e5](https://github.com/saltstack-formulas/users-formula/commit/a1ef7e57d9627f59000962111478d0846ab25d5c)) 103 | 104 | 105 | ### Continuous Integration 106 | 107 | * **kitchen:** use `develop` image until `master` is ready (`amazonlinux`) 
[skip ci] ([852dff2](https://github.com/saltstack-formulas/users-formula/commit/852dff2aac5216e5ebf3f03cfa8f2559a35bdf9c)) 108 | * **kitchen+travis+inspec:** add `vimrc` suite ([a263a62](https://github.com/saltstack-formulas/users-formula/commit/a263a62e7570d32d4a796538fc1720e20fa008a1)) 109 | 110 | 111 | ### Tests 112 | 113 | * **inspec:** add test to check `.vimrc` file is generated properly ([569e927](https://github.com/saltstack-formulas/users-formula/commit/569e9276dbeea38f4920596502db75d64abbdc5e)) 114 | * **pillar:** add test pillar to generate `.vimrc` file ([86144be](https://github.com/saltstack-formulas/users-formula/commit/86144befb9f98597464d9a10d45d820077a171e4)) 115 | 116 | ## [0.48.3](https://github.com/saltstack-formulas/users-formula/compare/v0.48.2...v0.48.3) (2019-11-02) 117 | 118 | 119 | ### Bug Fixes 120 | 121 | * **pillars:** ensure `addusers` & `delusers` are lists ([b31c592](https://github.com/saltstack-formulas/users-formula/commit/b31c592147a4831f3800b80fa6d11025c5372f4c)) 122 | * **release.config.js:** use full commit hash in commit link [skip ci] ([8df4d39](https://github.com/saltstack-formulas/users-formula/commit/8df4d39060dfaa1d3e8bce4d2cc7afd9c15d7dfd)) 123 | 124 | 125 | ### Continuous Integration 126 | 127 | * **kitchen:** use `debian-10-master-py3` instead of `develop` [skip ci] ([9ee7636](https://github.com/saltstack-formulas/users-formula/commit/9ee7636477e20ad6597da2dd41375e858f644e4d)) 128 | * **kitchen+travis:** upgrade matrix after `2019.2.2` release [skip ci] ([1d9a5ef](https://github.com/saltstack-formulas/users-formula/commit/1d9a5ef5be4bf0c66d6471effa32a2953637b031)) 129 | * **travis:** update `salt-lint` config for `v0.0.10` [skip ci] ([60ee61d](https://github.com/saltstack-formulas/users-formula/commit/60ee61dd66bb3ab53b5dabb8c252e8725b1f0b04)) 130 | 131 | 132 | ### Documentation 133 | 134 | * **contributing:** remove to use org-level file instead [skip ci] 
([7c55ef0](https://github.com/saltstack-formulas/users-formula/commit/7c55ef0c0dba8fbdb34b3882d2b1f8d78c93720d)) 135 | * **readme:** update link to `CONTRIBUTING` [skip ci] ([2a88765](https://github.com/saltstack-formulas/users-formula/commit/2a887654fcffb2ea6870967007f6d8cd096ed1a0)) 136 | 137 | 138 | ### Performance Improvements 139 | 140 | * **travis:** improve `salt-lint` invocation [skip ci] ([b45914e](https://github.com/saltstack-formulas/users-formula/commit/b45914e063e3ac7462b31efa0b187d13cb8ee81a)) 141 | 142 | ## [0.48.2](https://github.com/saltstack-formulas/users-formula/compare/v0.48.1...v0.48.2) (2019-10-11) 143 | 144 | 145 | ### Bug Fixes 146 | 147 | * **rubocop:** add fixes using `rubocop --safe-auto-correct` ([](https://github.com/saltstack-formulas/users-formula/commit/13dd7f9)) 148 | 149 | 150 | ### Continuous Integration 151 | 152 | * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([](https://github.com/saltstack-formulas/users-formula/commit/99136b5)) 153 | * **travis:** merge `rubocop` linter into main `lint` job ([](https://github.com/saltstack-formulas/users-formula/commit/96999c2)) 154 | 155 | ## [0.48.1](https://github.com/saltstack-formulas/users-formula/compare/v0.48.0...v0.48.1) (2019-10-10) 156 | 157 | 158 | ### Bug Fixes 159 | 160 | * **googleauth.sls:** fix `salt-lint` errors ([](https://github.com/saltstack-formulas/users-formula/commit/bb27b94)) 161 | * **init.sls:** fix `salt-lint` errors ([](https://github.com/saltstack-formulas/users-formula/commit/4cec0ef)) 162 | * **sudo.sls:** fix `salt-lint` errors ([](https://github.com/saltstack-formulas/users-formula/commit/560f5e1)) 163 | 164 | 165 | ### Continuous Integration 166 | 167 | * **kitchen:** change `log_level` to `debug` instead of `info` ([](https://github.com/saltstack-formulas/users-formula/commit/1726e0f)) 168 | * **kitchen:** install required packages to bootstrapped `opensuse` [skip ci] 
([](https://github.com/saltstack-formulas/users-formula/commit/0ed662d)) 169 | * **kitchen:** use bootstrapped `opensuse` images until `2019.2.2` [skip ci] ([](https://github.com/saltstack-formulas/users-formula/commit/f2e1b66)) 170 | * **platform:** add `arch-base-latest` (commented out for now) [skip ci] ([](https://github.com/saltstack-formulas/users-formula/commit/1790bae)) 171 | * **yamllint:** add rule `empty-values` & use new `yaml-files` setting ([](https://github.com/saltstack-formulas/users-formula/commit/af2d2c0)) 172 | * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([](https://github.com/saltstack-formulas/users-formula/commit/f17d156)) 173 | * use `dist: bionic` & apply `opensuse-leap-15` SCP error workaround ([](https://github.com/saltstack-formulas/users-formula/commit/4d3228b)) 174 | 175 | # [0.48.0](https://github.com/saltstack-formulas/users-formula/compare/v0.47.0...v0.48.0) (2019-08-17) 176 | 177 | 178 | ### Features 179 | 180 | * **yamllint:** include for this repo and apply rules throughout ([fa6210d](https://github.com/saltstack-formulas/users-formula/commit/fa6210d)) 181 | 182 | # [0.47.0](https://github.com/saltstack-formulas/users-formula/compare/v0.46.1...v0.47.0) (2019-08-07) 183 | 184 | 185 | ### Features 186 | 187 | * **semantic-release:** implement for this formula ([3bcdc90](https://github.com/saltstack-formulas/users-formula/commit/3bcdc90)), closes [#203](https://github.com/saltstack-formulas/users-formula/issues/203) 188 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners 2 | 3 | # SECTION: Owner(s) for everything in the repo, unless a later match takes precedence 4 | # ************************************************************************** 5 | # *** NO GLOBAL OWNER(S) SPECIFIED *** 6 | 
# *** Ideally this will be defined for a healthy, well-maintained repo *** 7 | # ************************************************************************** 8 | # FILE PATTERN OWNER(S) 9 | * @NONE 10 | 11 | # SECTION: Owner(s) for specific directories 12 | # FILE PATTERN OWNER(S) 13 | 14 | # SECTION: Owner(s) for files/directories related to `semantic-release` 15 | # FILE PATTERN OWNER(S) 16 | /.github/workflows/ @saltstack-formulas/ssf 17 | /bin/install-hooks @saltstack-formulas/ssf 18 | /bin/kitchen @saltstack-formulas/ssf 19 | /docs/AUTHORS.rst @saltstack-formulas/ssf 20 | /docs/CHANGELOG.rst @saltstack-formulas/ssf 21 | /docs/TOFS_pattern.rst @saltstack-formulas/ssf 22 | /*/_mapdata/ @saltstack-formulas/ssf 23 | /*/libsaltcli.jinja @saltstack-formulas/ssf 24 | /*/libtofs.jinja @saltstack-formulas/ssf 25 | /test/integration/**/_mapdata.rb @saltstack-formulas/ssf 26 | /test/integration/**/libraries/system.rb @saltstack-formulas/ssf 27 | /test/integration/**/inspec.yml @saltstack-formulas/ssf 28 | /test/integration/**/README.md @saltstack-formulas/ssf 29 | /test/salt/pillar/top.sls @saltstack-formulas/ssf 30 | /.gitignore @saltstack-formulas/ssf 31 | /.cirrus.yml @saltstack-formulas/ssf 32 | /.gitlab-ci.yml @saltstack-formulas/ssf 33 | /.pre-commit-config.yaml @saltstack-formulas/ssf 34 | /.rstcheck.cfg @saltstack-formulas/ssf 35 | /.rubocop.yml @saltstack-formulas/ssf 36 | /.salt-lint @saltstack-formulas/ssf 37 | /.travis.yml @saltstack-formulas/ssf 38 | /.yamllint @saltstack-formulas/ssf 39 | /AUTHORS.md @saltstack-formulas/ssf 40 | /CHANGELOG.md @saltstack-formulas/ssf 41 | /CODEOWNERS @saltstack-formulas/ssf 42 | /commitlint.config.js @saltstack-formulas/ssf 43 | /FORMULA @saltstack-formulas/ssf 44 | /Gemfile @saltstack-formulas/ssf 45 | /Gemfile.lock @saltstack-formulas/ssf 46 | /kitchen.yml @saltstack-formulas/ssf 47 | /kitchen.vagrant.yml @saltstack-formulas/ssf 48 | /kitchen.windows.yml @saltstack-formulas/ssf 49 | /pre-commit_semantic-release.sh 
@saltstack-formulas/ssf 50 | /release-rules.js @saltstack-formulas/ssf 51 | /release.config.js @saltstack-formulas/ssf 52 | 53 | # SECTION: Owner(s) for specific files 54 | # FILE PATTERN OWNER(S) 55 | -------------------------------------------------------------------------------- /FORMULA: -------------------------------------------------------------------------------- 1 | name: users 2 | os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Suse, openSUSE, Gentoo, Funtoo, Arch, Manjaro, Alpine, FreeBSD, OpenBSD, Solaris, SmartOS, Windows, MacOS 3 | os_family: Debian, RedHat, Suse, Gentoo, Arch, Alpine, FreeBSD, OpenBSD, Solaris, Windows, MacOS 4 | version: 0.48.8 5 | release: 1 6 | minimum_version: 2017.7 7 | summary: users formula 8 | description: Formula to configure users via pillar 9 | top_level_dir: users 10 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org')  # env var, when set, redirects every gem download 4 | 5 | # Install the `inspec` gem using `git` because versions after `4.22.22` 6 | # suppress diff output; this version fixes this for our uses. `branch:` is a moving ref; the commit actually installed is the `revision` pinned in `Gemfile.lock`, so review changes to that revision. 7 | # rubocop:disable Layout/LineLength 8 | gem 'inspec', git: 'https://gitlab.com/saltstack-formulas/infrastructure/inspec', branch: 'ssf' 9 | # rubocop:enable Layout/LineLength 10 | 11 | # Install the `kitchen-docker` gem using `git` in order to gain a performance 12 | # improvement: avoid package installations which are already covered by the 13 | # `salt-image-builder` (i.e. 
the pre-salted images that we're using) 14 | # rubocop:disable Layout/LineLength 15 | gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf' 16 | # rubocop:enable Layout/LineLength 17 | 18 | gem 'kitchen-inspec', '>= 2.5.0' 19 | gem 'kitchen-salt', '>= 0.7.2' 20 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GIT 2 | remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec 3 | revision: aaef842906a5666f0fc0b4f186b4dd3498f5b28c 4 | branch: ssf 5 | specs: 6 | inspec (5.18.15) 7 | cookstyle 8 | faraday_middleware (>= 0.12.2, < 1.1) 9 | inspec-core (= 5.18.15) 10 | mongo (= 2.13.2) 11 | progress_bar (~> 1.3.3) 12 | rake 13 | train (~> 3.10) 14 | train-aws (~> 0.2) 15 | train-habitat (~> 0.1) 16 | train-winrm (~> 0.2) 17 | inspec-core (5.18.15) 18 | addressable (~> 2.4) 19 | chef-telemetry (~> 1.0, >= 1.0.8) 20 | faraday (>= 0.9.0, < 1.5) 21 | faraday_middleware (~> 1.0) 22 | hashie (>= 3.4, < 5.0) 23 | license-acceptance (>= 0.2.13, < 3.0) 24 | method_source (>= 0.8, < 2.0) 25 | mixlib-log (~> 3.0) 26 | multipart-post (~> 2.0) 27 | parallel (~> 1.9) 28 | parslet (>= 1.5, < 2.0) 29 | pry (~> 0.13) 30 | rspec (>= 3.9, <= 3.11) 31 | rspec-its (~> 1.2) 32 | rubyzip (>= 1.2.2, < 3.0) 33 | semverse (~> 3.0) 34 | sslshake (~> 1.2) 35 | thor (>= 0.20, < 2.0) 36 | tomlrb (>= 1.2, < 2.1) 37 | train-core (~> 3.10) 38 | tty-prompt (~> 0.17) 39 | tty-table (~> 0.10) 40 | 41 | GIT 42 | remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker 43 | revision: 9a09bc1e571e25f3ccabf4725ca2048d970fff82 44 | branch: ssf 45 | specs: 46 | kitchen-docker (2.12.0) 47 | test-kitchen (>= 1.0.0) 48 | 49 | GEM 50 | remote: https://rubygems.org/ 51 | specs: 52 | activesupport (7.0.3.1) 53 | concurrent-ruby (~> 1.0, >= 1.0.2) 54 | i18n (>= 1.6, < 2) 55 | minitest (>= 5.1) 56 | 
tzinfo (~> 2.0) 57 | addressable (2.8.0) 58 | public_suffix (>= 2.0.2, < 5.0) 59 | ast (2.4.2) 60 | aws-eventstream (1.2.0) 61 | aws-partitions (1.607.0) 62 | aws-sdk-alexaforbusiness (1.56.0) 63 | aws-sdk-core (~> 3, >= 3.127.0) 64 | aws-sigv4 (~> 1.1) 65 | aws-sdk-amplify (1.32.0) 66 | aws-sdk-core (~> 3, >= 3.120.0) 67 | aws-sigv4 (~> 1.1) 68 | aws-sdk-apigateway (1.78.0) 69 | aws-sdk-core (~> 3, >= 3.127.0) 70 | aws-sigv4 (~> 1.1) 71 | aws-sdk-apigatewayv2 (1.42.0) 72 | aws-sdk-core (~> 3, >= 3.127.0) 73 | aws-sigv4 (~> 1.1) 74 | aws-sdk-applicationautoscaling (1.51.0) 75 | aws-sdk-core (~> 3, >= 3.112.0) 76 | aws-sigv4 (~> 1.1) 77 | aws-sdk-athena (1.55.0) 78 | aws-sdk-core (~> 3, >= 3.127.0) 79 | aws-sigv4 (~> 1.1) 80 | aws-sdk-autoscaling (1.63.0) 81 | aws-sdk-core (~> 3, >= 3.112.0) 82 | aws-sigv4 (~> 1.1) 83 | aws-sdk-batch (1.47.0) 84 | aws-sdk-core (~> 3, >= 3.112.0) 85 | aws-sigv4 (~> 1.1) 86 | aws-sdk-budgets (1.50.0) 87 | aws-sdk-core (~> 3, >= 3.127.0) 88 | aws-sigv4 (~> 1.1) 89 | aws-sdk-cloudformation (1.70.0) 90 | aws-sdk-core (~> 3, >= 3.127.0) 91 | aws-sigv4 (~> 1.1) 92 | aws-sdk-cloudfront (1.65.0) 93 | aws-sdk-core (~> 3, >= 3.127.0) 94 | aws-sigv4 (~> 1.1) 95 | aws-sdk-cloudhsm (1.39.0) 96 | aws-sdk-core (~> 3, >= 3.127.0) 97 | aws-sigv4 (~> 1.1) 98 | aws-sdk-cloudhsmv2 (1.42.0) 99 | aws-sdk-core (~> 3, >= 3.127.0) 100 | aws-sigv4 (~> 1.1) 101 | aws-sdk-cloudtrail (1.49.0) 102 | aws-sdk-core (~> 3, >= 3.127.0) 103 | aws-sigv4 (~> 1.1) 104 | aws-sdk-cloudwatch (1.64.0) 105 | aws-sdk-core (~> 3, >= 3.127.0) 106 | aws-sigv4 (~> 1.1) 107 | aws-sdk-cloudwatchevents (1.46.0) 108 | aws-sdk-core (~> 3, >= 3.112.0) 109 | aws-sigv4 (~> 1.1) 110 | aws-sdk-cloudwatchlogs (1.53.0) 111 | aws-sdk-core (~> 3, >= 3.127.0) 112 | aws-sigv4 (~> 1.1) 113 | aws-sdk-codecommit (1.51.0) 114 | aws-sdk-core (~> 3, >= 3.127.0) 115 | aws-sigv4 (~> 1.1) 116 | aws-sdk-codedeploy (1.49.0) 117 | aws-sdk-core (~> 3, >= 3.127.0) 118 | aws-sigv4 (~> 1.1) 119 | 
aws-sdk-codepipeline (1.53.0) 120 | aws-sdk-core (~> 3, >= 3.127.0) 121 | aws-sigv4 (~> 1.1) 122 | aws-sdk-cognitoidentity (1.31.0) 123 | aws-sdk-core (~> 3, >= 3.112.0) 124 | aws-sigv4 (~> 1.1) 125 | aws-sdk-cognitoidentityprovider (1.53.0) 126 | aws-sdk-core (~> 3, >= 3.112.0) 127 | aws-sigv4 (~> 1.1) 128 | aws-sdk-configservice (1.79.0) 129 | aws-sdk-core (~> 3, >= 3.127.0) 130 | aws-sigv4 (~> 1.1) 131 | aws-sdk-core (3.131.2) 132 | aws-eventstream (~> 1, >= 1.0.2) 133 | aws-partitions (~> 1, >= 1.525.0) 134 | aws-sigv4 (~> 1.1) 135 | jmespath (~> 1, >= 1.6.1) 136 | aws-sdk-costandusagereportservice (1.40.0) 137 | aws-sdk-core (~> 3, >= 3.127.0) 138 | aws-sigv4 (~> 1.1) 139 | aws-sdk-databasemigrationservice (1.53.0) 140 | aws-sdk-core (~> 3, >= 3.112.0) 141 | aws-sigv4 (~> 1.1) 142 | aws-sdk-dynamodb (1.75.0) 143 | aws-sdk-core (~> 3, >= 3.127.0) 144 | aws-sigv4 (~> 1.1) 145 | aws-sdk-ec2 (1.322.0) 146 | aws-sdk-core (~> 3, >= 3.127.0) 147 | aws-sigv4 (~> 1.1) 148 | aws-sdk-ecr (1.56.0) 149 | aws-sdk-core (~> 3, >= 3.127.0) 150 | aws-sigv4 (~> 1.1) 151 | aws-sdk-ecrpublic (1.12.0) 152 | aws-sdk-core (~> 3, >= 3.127.0) 153 | aws-sigv4 (~> 1.1) 154 | aws-sdk-ecs (1.100.0) 155 | aws-sdk-core (~> 3, >= 3.127.0) 156 | aws-sigv4 (~> 1.1) 157 | aws-sdk-efs (1.54.0) 158 | aws-sdk-core (~> 3, >= 3.127.0) 159 | aws-sigv4 (~> 1.1) 160 | aws-sdk-eks (1.75.0) 161 | aws-sdk-core (~> 3, >= 3.127.0) 162 | aws-sigv4 (~> 1.1) 163 | aws-sdk-elasticache (1.78.0) 164 | aws-sdk-core (~> 3, >= 3.127.0) 165 | aws-sigv4 (~> 1.1) 166 | aws-sdk-elasticbeanstalk (1.51.0) 167 | aws-sdk-core (~> 3, >= 3.127.0) 168 | aws-sigv4 (~> 1.1) 169 | aws-sdk-elasticloadbalancing (1.40.0) 170 | aws-sdk-core (~> 3, >= 3.127.0) 171 | aws-sigv4 (~> 1.1) 172 | aws-sdk-elasticloadbalancingv2 (1.78.0) 173 | aws-sdk-core (~> 3, >= 3.127.0) 174 | aws-sigv4 (~> 1.1) 175 | aws-sdk-elasticsearchservice (1.65.0) 176 | aws-sdk-core (~> 3, >= 3.127.0) 177 | aws-sigv4 (~> 1.1) 178 | aws-sdk-emr (1.53.0) 179 | 
aws-sdk-core (~> 3, >= 3.121.2) 180 | aws-sigv4 (~> 1.1) 181 | aws-sdk-eventbridge (1.24.0) 182 | aws-sdk-core (~> 3, >= 3.112.0) 183 | aws-sigv4 (~> 1.1) 184 | aws-sdk-firehose (1.48.0) 185 | aws-sdk-core (~> 3, >= 3.127.0) 186 | aws-sigv4 (~> 1.1) 187 | aws-sdk-glue (1.88.0) 188 | aws-sdk-core (~> 3, >= 3.112.0) 189 | aws-sigv4 (~> 1.1) 190 | aws-sdk-guardduty (1.58.0) 191 | aws-sdk-core (~> 3, >= 3.127.0) 192 | aws-sigv4 (~> 1.1) 193 | aws-sdk-iam (1.69.0) 194 | aws-sdk-core (~> 3, >= 3.127.0) 195 | aws-sigv4 (~> 1.1) 196 | aws-sdk-kafka (1.50.0) 197 | aws-sdk-core (~> 3, >= 3.127.0) 198 | aws-sigv4 (~> 1.1) 199 | aws-sdk-kinesis (1.41.0) 200 | aws-sdk-core (~> 3, >= 3.127.0) 201 | aws-sigv4 (~> 1.1) 202 | aws-sdk-kms (1.57.0) 203 | aws-sdk-core (~> 3, >= 3.127.0) 204 | aws-sigv4 (~> 1.1) 205 | aws-sdk-lambda (1.84.0) 206 | aws-sdk-core (~> 3, >= 3.127.0) 207 | aws-sigv4 (~> 1.1) 208 | aws-sdk-mq (1.40.0) 209 | aws-sdk-core (~> 3, >= 3.120.0) 210 | aws-sigv4 (~> 1.1) 211 | aws-sdk-networkfirewall (1.17.0) 212 | aws-sdk-core (~> 3, >= 3.127.0) 213 | aws-sigv4 (~> 1.1) 214 | aws-sdk-networkmanager (1.24.0) 215 | aws-sdk-core (~> 3, >= 3.127.0) 216 | aws-sigv4 (~> 1.1) 217 | aws-sdk-organizations (1.59.0) 218 | aws-sdk-core (~> 3, >= 3.112.0) 219 | aws-sigv4 (~> 1.1) 220 | aws-sdk-ram (1.26.0) 221 | aws-sdk-core (~> 3, >= 3.112.0) 222 | aws-sigv4 (~> 1.1) 223 | aws-sdk-rds (1.148.0) 224 | aws-sdk-core (~> 3, >= 3.127.0) 225 | aws-sigv4 (~> 1.1) 226 | aws-sdk-redshift (1.84.0) 227 | aws-sdk-core (~> 3, >= 3.127.0) 228 | aws-sigv4 (~> 1.1) 229 | aws-sdk-route53 (1.63.0) 230 | aws-sdk-core (~> 3, >= 3.127.0) 231 | aws-sigv4 (~> 1.1) 232 | aws-sdk-route53domains (1.40.0) 233 | aws-sdk-core (~> 3, >= 3.127.0) 234 | aws-sigv4 (~> 1.1) 235 | aws-sdk-route53resolver (1.37.0) 236 | aws-sdk-core (~> 3, >= 3.127.0) 237 | aws-sigv4 (~> 1.1) 238 | aws-sdk-s3 (1.114.0) 239 | aws-sdk-core (~> 3, >= 3.127.0) 240 | aws-sdk-kms (~> 1) 241 | aws-sigv4 (~> 1.4) 242 | aws-sdk-s3control 
(1.43.0) 243 | aws-sdk-core (~> 3, >= 3.122.0) 244 | aws-sigv4 (~> 1.1) 245 | aws-sdk-secretsmanager (1.46.0) 246 | aws-sdk-core (~> 3, >= 3.112.0) 247 | aws-sigv4 (~> 1.1) 248 | aws-sdk-securityhub (1.67.0) 249 | aws-sdk-core (~> 3, >= 3.127.0) 250 | aws-sigv4 (~> 1.1) 251 | aws-sdk-servicecatalog (1.60.0) 252 | aws-sdk-core (~> 3, >= 3.112.0) 253 | aws-sigv4 (~> 1.1) 254 | aws-sdk-ses (1.41.0) 255 | aws-sdk-core (~> 3, >= 3.120.0) 256 | aws-sigv4 (~> 1.1) 257 | aws-sdk-shield (1.48.0) 258 | aws-sdk-core (~> 3, >= 3.127.0) 259 | aws-sigv4 (~> 1.1) 260 | aws-sdk-signer (1.32.0) 261 | aws-sdk-core (~> 3, >= 3.120.0) 262 | aws-sigv4 (~> 1.1) 263 | aws-sdk-simpledb (1.29.0) 264 | aws-sdk-core (~> 3, >= 3.120.0) 265 | aws-sigv2 (~> 1.0) 266 | aws-sdk-sms (1.40.0) 267 | aws-sdk-core (~> 3, >= 3.127.0) 268 | aws-sigv4 (~> 1.1) 269 | aws-sdk-sns (1.53.0) 270 | aws-sdk-core (~> 3, >= 3.127.0) 271 | aws-sigv4 (~> 1.1) 272 | aws-sdk-sqs (1.51.1) 273 | aws-sdk-core (~> 3, >= 3.127.0) 274 | aws-sigv4 (~> 1.1) 275 | aws-sdk-ssm (1.137.0) 276 | aws-sdk-core (~> 3, >= 3.127.0) 277 | aws-sigv4 (~> 1.1) 278 | aws-sdk-states (1.39.0) 279 | aws-sdk-core (~> 3, >= 3.112.0) 280 | aws-sigv4 (~> 1.1) 281 | aws-sdk-synthetics (1.19.0) 282 | aws-sdk-core (~> 3, >= 3.121.2) 283 | aws-sigv4 (~> 1.1) 284 | aws-sdk-transfer (1.34.0) 285 | aws-sdk-core (~> 3, >= 3.112.0) 286 | aws-sigv4 (~> 1.1) 287 | aws-sdk-waf (1.43.0) 288 | aws-sdk-core (~> 3, >= 3.122.0) 289 | aws-sigv4 (~> 1.1) 290 | aws-sigv2 (1.1.0) 291 | aws-sigv4 (1.5.0) 292 | aws-eventstream (~> 1, >= 1.0.2) 293 | azure_graph_rbac (0.17.2) 294 | ms_rest_azure (~> 0.12.0) 295 | azure_mgmt_key_vault (0.17.7) 296 | ms_rest_azure (~> 0.12.0) 297 | azure_mgmt_resources (0.18.2) 298 | ms_rest_azure (~> 0.12.0) 299 | azure_mgmt_security (0.19.0) 300 | ms_rest_azure (~> 0.12.0) 301 | azure_mgmt_storage (0.23.0) 302 | ms_rest_azure (~> 0.12.0) 303 | bcrypt_pbkdf (1.1.0) 304 | bson (4.15.0) 305 | builder (3.2.4) 306 | chef-config (17.10.0) 307 
| addressable 308 | chef-utils (= 17.10.0) 309 | fuzzyurl 310 | mixlib-config (>= 2.2.12, < 4.0) 311 | mixlib-shellout (>= 2.0, < 4.0) 312 | tomlrb (~> 1.2) 313 | chef-telemetry (1.1.1) 314 | chef-config 315 | concurrent-ruby (~> 1.0) 316 | chef-utils (17.10.0) 317 | concurrent-ruby 318 | coderay (1.1.3) 319 | concurrent-ruby (1.1.10) 320 | cookstyle (7.32.1) 321 | rubocop (= 1.25.1) 322 | declarative (0.0.20) 323 | diff-lcs (1.5.0) 324 | docker-api (2.2.0) 325 | excon (>= 0.47.0) 326 | multi_json 327 | domain_name (0.5.20190701) 328 | unf (>= 0.0.5, < 1.0.0) 329 | ed25519 (1.3.0) 330 | erubi (1.10.0) 331 | excon (0.92.3) 332 | faraday (1.4.3) 333 | faraday-em_http (~> 1.0) 334 | faraday-em_synchrony (~> 1.0) 335 | faraday-excon (~> 1.1) 336 | faraday-net_http (~> 1.0) 337 | faraday-net_http_persistent (~> 1.1) 338 | multipart-post (>= 1.2, < 3) 339 | ruby2_keywords (>= 0.0.4) 340 | faraday-cookie_jar (0.0.7) 341 | faraday (>= 0.8.0) 342 | http-cookie (~> 1.0.0) 343 | faraday-em_http (1.0.0) 344 | faraday-em_synchrony (1.0.0) 345 | faraday-excon (1.1.0) 346 | faraday-net_http (1.0.1) 347 | faraday-net_http_persistent (1.2.0) 348 | faraday_middleware (1.0.0) 349 | faraday (~> 1.0) 350 | ffi (1.15.5) 351 | fuzzyurl (0.9.0) 352 | google-api-client (0.52.0) 353 | addressable (~> 2.5, >= 2.5.1) 354 | googleauth (~> 0.9) 355 | httpclient (>= 2.8.1, < 3.0) 356 | mini_mime (~> 1.0) 357 | representable (~> 3.0) 358 | retriable (>= 2.0, < 4.0) 359 | rexml 360 | signet (~> 0.12) 361 | googleauth (0.14.0) 362 | faraday (>= 0.17.3, < 2.0) 363 | jwt (>= 1.4, < 3.0) 364 | memoist (~> 0.16) 365 | multi_json (~> 1.11) 366 | os (>= 0.9, < 2.0) 367 | signet (~> 0.14) 368 | gssapi (1.3.1) 369 | ffi (>= 1.0.1) 370 | gyoku (1.4.0) 371 | builder (>= 2.1.2) 372 | rexml (~> 3.0) 373 | hashie (4.1.0) 374 | highline (2.0.3) 375 | http-cookie (1.0.5) 376 | domain_name (~> 0.5) 377 | httpclient (2.8.3) 378 | i18n (1.12.0) 379 | concurrent-ruby (~> 1.0) 380 | inifile (3.0.0) 381 | jmespath 
(1.6.1) 382 | json (2.6.2) 383 | jwt (2.4.1) 384 | kitchen-inspec (2.6.1) 385 | hashie (>= 3.4, <= 5.0) 386 | inspec (>= 2.2.64, < 7.0) 387 | test-kitchen (>= 2.7, < 4) 388 | kitchen-salt (0.7.2) 389 | hashie (>= 3.5) 390 | test-kitchen (>= 1.4) 391 | license-acceptance (2.1.13) 392 | pastel (~> 0.7) 393 | tomlrb (>= 1.2, < 3.0) 394 | tty-box (~> 0.6) 395 | tty-prompt (~> 0.20) 396 | little-plugger (1.1.4) 397 | logging (2.3.1) 398 | little-plugger (~> 1.1) 399 | multi_json (~> 1.14) 400 | memoist (0.16.2) 401 | method_source (1.0.0) 402 | mini_mime (1.1.2) 403 | minitest (5.16.2) 404 | mixlib-config (3.0.27) 405 | tomlrb 406 | mixlib-install (3.12.19) 407 | mixlib-shellout 408 | mixlib-versioning 409 | thor 410 | mixlib-log (3.0.9) 411 | mixlib-shellout (3.2.7) 412 | chef-utils 413 | mixlib-versioning (1.2.12) 414 | mongo (2.13.2) 415 | bson (>= 4.8.2, < 5.0.0) 416 | ms_rest (0.7.6) 417 | concurrent-ruby (~> 1.0) 418 | faraday (>= 0.9, < 2.0.0) 419 | timeliness (~> 0.3.10) 420 | ms_rest_azure (0.12.0) 421 | concurrent-ruby (~> 1.0) 422 | faraday (>= 0.9, < 2.0.0) 423 | faraday-cookie_jar (~> 0.0.6) 424 | ms_rest (~> 0.7.6) 425 | multi_json (1.15.0) 426 | multipart-post (2.2.3) 427 | net-scp (3.0.0) 428 | net-ssh (>= 2.6.5, < 7.0.0) 429 | net-ssh (6.1.0) 430 | net-ssh-gateway (2.0.0) 431 | net-ssh (>= 4.0.0) 432 | nori (2.6.0) 433 | options (2.3.2) 434 | os (1.1.4) 435 | parallel (1.22.1) 436 | parser (3.1.2.0) 437 | ast (~> 2.4.1) 438 | parslet (1.8.2) 439 | pastel (0.8.0) 440 | tty-color (~> 0.5) 441 | progress_bar (1.3.3) 442 | highline (>= 1.6, < 3) 443 | options (~> 2.3.0) 444 | pry (0.14.1) 445 | coderay (~> 1.1) 446 | method_source (~> 1.0) 447 | public_suffix (4.0.7) 448 | rainbow (3.1.1) 449 | rake (13.0.6) 450 | regexp_parser (2.5.0) 451 | representable (3.2.0) 452 | declarative (< 0.1.0) 453 | trailblazer-option (>= 0.1.1, < 0.2.0) 454 | uber (< 0.2.0) 455 | retriable (3.1.2) 456 | rexml (3.2.5) 457 | rspec (3.11.0) 458 | rspec-core (~> 3.11.0) 459 | 
rspec-expectations (~> 3.11.0) 460 | rspec-mocks (~> 3.11.0) 461 | rspec-core (3.11.0) 462 | rspec-support (~> 3.11.0) 463 | rspec-expectations (3.11.0) 464 | diff-lcs (>= 1.2.0, < 2.0) 465 | rspec-support (~> 3.11.0) 466 | rspec-its (1.3.0) 467 | rspec-core (>= 3.0.0) 468 | rspec-expectations (>= 3.0.0) 469 | rspec-mocks (3.11.1) 470 | diff-lcs (>= 1.2.0, < 2.0) 471 | rspec-support (~> 3.11.0) 472 | rspec-support (3.11.0) 473 | rubocop (1.25.1) 474 | parallel (~> 1.10) 475 | parser (>= 3.1.0.0) 476 | rainbow (>= 2.2.2, < 4.0) 477 | regexp_parser (>= 1.8, < 3.0) 478 | rexml 479 | rubocop-ast (>= 1.15.1, < 2.0) 480 | ruby-progressbar (~> 1.7) 481 | unicode-display_width (>= 1.4.0, < 3.0) 482 | rubocop-ast (1.19.1) 483 | parser (>= 3.1.1.0) 484 | ruby-progressbar (1.11.0) 485 | ruby2_keywords (0.0.5) 486 | rubyntlm (0.6.3) 487 | rubyzip (2.3.2) 488 | semverse (3.0.2) 489 | signet (0.17.0) 490 | addressable (~> 2.8) 491 | faraday (>= 0.17.5, < 3.a) 492 | jwt (>= 1.5, < 3.0) 493 | multi_json (~> 1.10) 494 | sslshake (1.3.1) 495 | strings (0.2.1) 496 | strings-ansi (~> 0.2) 497 | unicode-display_width (>= 1.5, < 3.0) 498 | unicode_utils (~> 1.4) 499 | strings-ansi (0.2.0) 500 | test-kitchen (3.3.1) 501 | bcrypt_pbkdf (~> 1.0) 502 | chef-utils (>= 16.4.35) 503 | ed25519 (~> 1.2) 504 | license-acceptance (>= 1.0.11, < 3.0) 505 | mixlib-install (~> 3.6) 506 | mixlib-shellout (>= 1.2, < 4.0) 507 | net-scp (>= 1.1, < 4.0) 508 | net-ssh (>= 2.9, < 7.0) 509 | net-ssh-gateway (>= 1.2, < 3.0) 510 | thor (>= 0.19, < 2.0) 511 | winrm (~> 2.0) 512 | winrm-elevated (~> 1.0) 513 | winrm-fs (~> 1.1) 514 | thor (1.2.1) 515 | timeliness (0.3.10) 516 | tomlrb (1.3.0) 517 | trailblazer-option (0.1.2) 518 | train (3.10.1) 519 | activesupport (>= 6.0.3.1) 520 | azure_graph_rbac (~> 0.16) 521 | azure_mgmt_key_vault (~> 0.17) 522 | azure_mgmt_resources (~> 0.15) 523 | azure_mgmt_security (~> 0.18) 524 | azure_mgmt_storage (~> 0.18) 525 | docker-api (>= 1.26, < 3.0) 526 | google-api-client (>= 
0.23.9, <= 0.52.0) 527 | googleauth (>= 0.6.6, <= 0.14.0) 528 | inifile (~> 3.0) 529 | train-core (= 3.10.1) 530 | train-winrm (~> 0.2) 531 | train-aws (0.2.24) 532 | aws-sdk-alexaforbusiness (~> 1.0) 533 | aws-sdk-amplify (~> 1.32.0) 534 | aws-sdk-apigateway (~> 1.0) 535 | aws-sdk-apigatewayv2 (~> 1.0) 536 | aws-sdk-applicationautoscaling (>= 1.46, < 1.52) 537 | aws-sdk-athena (~> 1.0) 538 | aws-sdk-autoscaling (>= 1.22, < 1.64) 539 | aws-sdk-batch (>= 1.36, < 1.48) 540 | aws-sdk-budgets (~> 1.0) 541 | aws-sdk-cloudformation (~> 1.0) 542 | aws-sdk-cloudfront (~> 1.0) 543 | aws-sdk-cloudhsm (~> 1.0) 544 | aws-sdk-cloudhsmv2 (~> 1.0) 545 | aws-sdk-cloudtrail (~> 1.8) 546 | aws-sdk-cloudwatch (~> 1.13) 547 | aws-sdk-cloudwatchevents (>= 1.36, < 1.47) 548 | aws-sdk-cloudwatchlogs (~> 1.13) 549 | aws-sdk-codecommit (~> 1.0) 550 | aws-sdk-codedeploy (~> 1.0) 551 | aws-sdk-codepipeline (~> 1.0) 552 | aws-sdk-cognitoidentity (>= 1.26, < 1.32) 553 | aws-sdk-cognitoidentityprovider (>= 1.46, < 1.54) 554 | aws-sdk-configservice (~> 1.21) 555 | aws-sdk-core (~> 3.0) 556 | aws-sdk-costandusagereportservice (~> 1.6) 557 | aws-sdk-databasemigrationservice (>= 1.42, < 1.54) 558 | aws-sdk-dynamodb (~> 1.31) 559 | aws-sdk-ec2 (~> 1.70) 560 | aws-sdk-ecr (~> 1.18) 561 | aws-sdk-ecrpublic (~> 1.3) 562 | aws-sdk-ecs (~> 1.30) 563 | aws-sdk-efs (~> 1.0) 564 | aws-sdk-eks (~> 1.9) 565 | aws-sdk-elasticache (~> 1.0) 566 | aws-sdk-elasticbeanstalk (~> 1.0) 567 | aws-sdk-elasticloadbalancing (~> 1.8) 568 | aws-sdk-elasticloadbalancingv2 (~> 1.0) 569 | aws-sdk-elasticsearchservice (~> 1.0) 570 | aws-sdk-emr (~> 1.53.0) 571 | aws-sdk-eventbridge (~> 1.24.0) 572 | aws-sdk-firehose (~> 1.0) 573 | aws-sdk-glue (>= 1.71, < 1.89) 574 | aws-sdk-guardduty (~> 1.31) 575 | aws-sdk-iam (~> 1.13) 576 | aws-sdk-kafka (~> 1.0) 577 | aws-sdk-kinesis (~> 1.0) 578 | aws-sdk-kms (~> 1.13) 579 | aws-sdk-lambda (~> 1.0) 580 | aws-sdk-mq (~> 1.40.0) 581 | aws-sdk-networkfirewall (>= 1.6.0) 582 | 
aws-sdk-networkmanager (>= 1.13.0) 583 | aws-sdk-organizations (>= 1.17, < 1.60) 584 | aws-sdk-ram (>= 1.21, < 1.27) 585 | aws-sdk-rds (~> 1.43) 586 | aws-sdk-redshift (~> 1.0) 587 | aws-sdk-route53 (~> 1.0) 588 | aws-sdk-route53domains (~> 1.0) 589 | aws-sdk-route53resolver (~> 1.0) 590 | aws-sdk-s3 (~> 1.30) 591 | aws-sdk-s3control (~> 1.43.0) 592 | aws-sdk-secretsmanager (>= 1.42, < 1.47) 593 | aws-sdk-securityhub (~> 1.0) 594 | aws-sdk-servicecatalog (>= 1.48, < 1.61) 595 | aws-sdk-ses (~> 1.41.0) 596 | aws-sdk-shield (~> 1.30) 597 | aws-sdk-signer (~> 1.32.0) 598 | aws-sdk-simpledb (~> 1.29.0) 599 | aws-sdk-sms (~> 1.0) 600 | aws-sdk-sns (~> 1.9) 601 | aws-sdk-sqs (~> 1.10) 602 | aws-sdk-ssm (~> 1.0) 603 | aws-sdk-states (>= 1.35, < 1.40) 604 | aws-sdk-synthetics (~> 1.19.0) 605 | aws-sdk-transfer (>= 1.26, < 1.35) 606 | aws-sdk-waf (~> 1.43.0) 607 | train-core (3.10.1) 608 | addressable (~> 2.5) 609 | ffi (!= 1.13.0) 610 | json (>= 1.8, < 3.0) 611 | mixlib-shellout (>= 2.0, < 4.0) 612 | net-scp (>= 1.2, < 4.0) 613 | net-ssh (>= 2.9, < 7.0) 614 | train-habitat (0.2.22) 615 | train-winrm (0.2.13) 616 | winrm (>= 2.3.6, < 3.0) 617 | winrm-elevated (~> 1.2.2) 618 | winrm-fs (~> 1.0) 619 | tty-box (0.7.0) 620 | pastel (~> 0.8) 621 | strings (~> 0.2.0) 622 | tty-cursor (~> 0.7) 623 | tty-color (0.6.0) 624 | tty-cursor (0.7.1) 625 | tty-prompt (0.23.1) 626 | pastel (~> 0.8) 627 | tty-reader (~> 0.8) 628 | tty-reader (0.9.0) 629 | tty-cursor (~> 0.7) 630 | tty-screen (~> 0.8) 631 | wisper (~> 2.0) 632 | tty-screen (0.8.1) 633 | tty-table (0.12.0) 634 | pastel (~> 0.8) 635 | strings (~> 0.2.0) 636 | tty-screen (~> 0.8) 637 | tzinfo (2.0.4) 638 | concurrent-ruby (~> 1.0) 639 | uber (0.1.0) 640 | unf (0.1.4) 641 | unf_ext 642 | unf_ext (0.0.8.2) 643 | unicode-display_width (2.2.0) 644 | unicode_utils (1.4.0) 645 | winrm (2.3.6) 646 | builder (>= 2.1.2) 647 | erubi (~> 1.8) 648 | gssapi (~> 1.2) 649 | gyoku (~> 1.0) 650 | httpclient (~> 2.2, >= 2.2.0.2) 651 | logging (>= 
1.6.1, < 3.0) 652 | nori (~> 2.0) 653 | rubyntlm (~> 0.6.0, >= 0.6.3) 654 | winrm-elevated (1.2.3) 655 | erubi (~> 1.8) 656 | winrm (~> 2.0) 657 | winrm-fs (~> 1.0) 658 | winrm-fs (1.3.5) 659 | erubi (~> 1.8) 660 | logging (>= 1.6.1, < 3.0) 661 | rubyzip (~> 2.0) 662 | winrm (~> 2.0) 663 | wisper (2.0.1) 664 | 665 | PLATFORMS 666 | ruby 667 | 668 | DEPENDENCIES 669 | inspec! 670 | kitchen-docker! 671 | kitchen-inspec (>= 2.5.0) 672 | kitchen-salt (>= 0.7.2) 673 | 674 | BUNDLED WITH 675 | 2.1.2 676 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014-2015 Salt Stack Formulas 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /bin/install-hooks: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env sh 2 | set -o nounset # Treat unset variables as an error and immediately exit 3 | set -o errexit # If a command fails exit the whole script 4 | 5 | if [ "${DEBUG:-false}" = "true" ]; then 6 | set -x # Run the entire script in debug mode 7 | fi 8 | 9 | if ! 
command -v pre-commit >/dev/null 2>&1; then 10 | echo "pre-commit not found: please install or check your PATH" >&2 11 | echo "See https://pre-commit.com/#installation" >&2 12 | exit 1 13 | fi 14 | 15 | pre-commit install --install-hooks 16 | pre-commit install --hook-type commit-msg --install-hooks 17 | -------------------------------------------------------------------------------- /bin/kitchen: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | # frozen_string_literal: true 3 | 4 | # 5 | # This file was generated by Bundler. 6 | # 7 | # The application 'kitchen' is installed as part of a gem, and 8 | # this file is here to facilitate running it. 9 | # 10 | 11 | require 'pathname' 12 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', 13 | Pathname.new(__FILE__).realpath) 14 | 15 | bundle_binstub = File.expand_path('bundle', __dir__) 16 | 17 | if File.file?(bundle_binstub) 18 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ 19 | load(bundle_binstub) 20 | else 21 | abort( 22 | 'Your `bin/bundle` was not generated by Bundler, ' \ 23 | 'so this binstub cannot run. Replace `bin/bundle` by running ' \ 24 | '`bundle binstubs bundler --force`, then run this command again.' 
25 | ) 26 | end 27 | end 28 | 29 | require 'rubygems' 30 | require 'bundler/setup' 31 | 32 | load Gem.bin_path('test-kitchen', 'kitchen') 33 | -------------------------------------------------------------------------------- /commitlint.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | extends: ['@commitlint/config-conventional'], 3 | rules: { 4 | 'body-max-line-length': [2, 'always', 120], 5 | 'footer-max-line-length': [2, 'always', 120], 6 | 'header-max-length': [2, 'always', 72], 7 | }, 8 | }; 9 | -------------------------------------------------------------------------------- /docs/AUTHORS.rst: -------------------------------------------------------------------------------- 1 | .. role:: raw-html-m2r(raw) 2 | :format: html 3 | 4 | 5 | Authors 6 | ======= 7 | 8 | This list is sorted by the number of commits per contributor in *descending* order. 9 | 10 | .. list-table:: 11 | :header-rows: 1 12 | 13 | * - Avatar 14 | - Contributor 15 | - Contributions 16 | * - :raw-html-m2r:`@myii` 17 | - `@myii `_ 18 | - 143 19 | * - :raw-html-m2r:`@aboe76` 20 | - `@aboe76 `_ 21 | - 42 22 | * - :raw-html-m2r:`@gravyboat` 23 | - `@gravyboat `_ 24 | - 30 25 | * - :raw-html-m2r:`@puneetk` 26 | - `@puneetk `_ 27 | - 14 28 | * - :raw-html-m2r:`@noelmcloughlin` 29 | - `@noelmcloughlin `_ 30 | - 14 31 | * - :raw-html-m2r:`@nmadhok` 32 | - `@nmadhok `_ 33 | - 13 34 | * - :raw-html-m2r:`@whiteinge` 35 | - `@whiteinge `_ 36 | - 13 37 | * - :raw-html-m2r:`@techhat` 38 | - `@techhat `_ 39 | - 10 40 | * - :raw-html-m2r:`@hatifnatt` 41 | - `@hatifnatt `_ 42 | - 10 43 | * - :raw-html-m2r:`@babilen` 44 | - `@babilen `_ 45 | - 9 46 | * - :raw-html-m2r:`@kossmac` 47 | - `@kossmac `_ 48 | - 7 49 | * - :raw-html-m2r:`@arthurzenika` 50 | - `@arthurzenika `_ 51 | - 6 52 | * - :raw-html-m2r:`@alxwr` 53 | - `@alxwr `_ 54 | - 6 55 | * - :raw-html-m2r:`@pprkut` 56 | - `@pprkut `_ 57 | - 5 58 | * - :raw-html-m2r:`@bkmit` 59 | - `@bkmit `_ 
60 | - 4 61 | * - :raw-html-m2r:`@stp-ip` 62 | - `@stp-ip `_ 63 | - 4 64 | * - :raw-html-m2r:`@spoage` 65 | - `@spoage `_ 66 | - 4 67 | * - :raw-html-m2r:`@madflojo` 68 | - `@madflojo `_ 69 | - 4 70 | * - :raw-html-m2r:`@tiger-seo` 71 | - `@tiger-seo `_ 72 | - 4 73 | * - :raw-html-m2r:`@daschatten` 74 | - `@daschatten `_ 75 | - 4 76 | * - :raw-html-m2r:`@ashb` 77 | - `@ashb `_ 78 | - 3 79 | * - :raw-html-m2r:`@dafyddj` 80 | - `@dafyddj `_ 81 | - 3 82 | * - :raw-html-m2r:`@tardypad` 83 | - `@tardypad `_ 84 | - 3 85 | * - :raw-html-m2r:`@javierbertoli` 86 | - `@javierbertoli `_ 87 | - 3 88 | * - :raw-html-m2r:`@johtso` 89 | - `@johtso `_ 90 | - 3 91 | * - :raw-html-m2r:`@TJuberg` 92 | - `@TJuberg `_ 93 | - 3 94 | * - :raw-html-m2r:`@outime` 95 | - `@outime `_ 96 | - 3 97 | * - :raw-html-m2r:`@ashokrajar` 98 | - `@ashokrajar `_ 99 | - 3 100 | * - :raw-html-m2r:`@0xf10e` 101 | - `@0xf10e `_ 102 | - 3 103 | * - :raw-html-m2r:`@jasonvoor` 104 | - `@jasonvoor `_ 105 | - 3 106 | * - :raw-html-m2r:`@IMBArator` 107 | - `@IMBArator `_ 108 | - 3 109 | * - :raw-html-m2r:`@auser` 110 | - `@auser `_ 111 | - 3 112 | * - :raw-html-m2r:`@hipikat` 113 | - `@hipikat `_ 114 | - 2 115 | * - :raw-html-m2r:`@amontalban` 116 | - `@amontalban `_ 117 | - 2 118 | * - :raw-html-m2r:`@sacr0` 119 | - `@sacr0 `_ 120 | - 2 121 | * - :raw-html-m2r:`@bsundsrud` 122 | - `@bsundsrud `_ 123 | - 2 124 | * - :raw-html-m2r:`@iggy` 125 | - `@iggy `_ 126 | - 2 127 | * - :raw-html-m2r:`@eedgar` 128 | - `@eedgar `_ 129 | - 2 130 | * - :raw-html-m2r:`@duk3luk3` 131 | - `@duk3luk3 `_ 132 | - 2 133 | * - :raw-html-m2r:`@jerryjvl` 134 | - `@jerryjvl `_ 135 | - 2 136 | * - :raw-html-m2r:`@t0fik` 137 | - `@t0fik `_ 138 | - 2 139 | * - :raw-html-m2r:`@xenophonf` 140 | - `@xenophonf `_ 141 | - 2 142 | * - :raw-html-m2r:`@rhertzog` 143 | - `@rhertzog `_ 144 | - 2 145 | * - :raw-html-m2r:`@roedie` 146 | - `@roedie `_ 147 | - 2 148 | * - :raw-html-m2r:`@sevrob` 149 | - `@sevrob `_ 150 | - 2 151 | * - 
:raw-html-m2r:`@qno` 152 | - `@qno `_ 153 | - 2 154 | * - :raw-html-m2r:`@tomduijf` 155 | - `@tomduijf `_ 156 | - 2 157 | * - :raw-html-m2r:`@xen0n` 158 | - `@xen0n `_ 159 | - 2 160 | * - :raw-html-m2r:`@jraby` 161 | - `@jraby `_ 162 | - 2 163 | * - :raw-html-m2r:`@luitzifa` 164 | - `@luitzifa `_ 165 | - 2 166 | * - :raw-html-m2r:`@gnuts` 167 | - `@gnuts `_ 168 | - 2 169 | * - :raw-html-m2r:`@sroegner` 170 | - `@sroegner `_ 171 | - 2 172 | * - :raw-html-m2r:`@c10b10` 173 | - `@c10b10 `_ 174 | - 1 175 | * - :raw-html-m2r:`@andrew-vant` 176 | - `@andrew-vant `_ 177 | - 1 178 | * - :raw-html-m2r:`@colekowalski` 179 | - `@colekowalski `_ 180 | - 1 181 | * - :raw-html-m2r:`@baby-gnu` 182 | - `@baby-gnu `_ 183 | - 1 184 | * - :raw-html-m2r:`@UtahDave` 185 | - `@UtahDave `_ 186 | - 1 187 | * - :raw-html-m2r:`@diegows` 188 | - `@diegows `_ 189 | - 1 190 | * - :raw-html-m2r:`@daks` 191 | - `@daks `_ 192 | - 1 193 | * - :raw-html-m2r:`@mitt-fn` 194 | - `@mitt-fn `_ 195 | - 1 196 | * - :raw-html-m2r:`@cornmander` 197 | - `@cornmander `_ 198 | - 1 199 | * - :raw-html-m2r:`@glecoquierre` 200 | - `@glecoquierre `_ 201 | - 1 202 | * - :raw-html-m2r:`@dulgheru` 203 | - `@dulgheru `_ 204 | - 1 205 | * - :raw-html-m2r:`@inthecloud247` 206 | - `@inthecloud247 `_ 207 | - 1 208 | * - :raw-html-m2r:`@chenmen` 209 | - `@chenmen `_ 210 | - 1 211 | * - :raw-html-m2r:`@philpep` 212 | - `@philpep `_ 213 | - 1 214 | * - :raw-html-m2r:`@ChronoPositron` 215 | - `@ChronoPositron `_ 216 | - 1 217 | * - :raw-html-m2r:`@Cottser` 218 | - `@Cottser `_ 219 | - 1 220 | * - :raw-html-m2r:`@SMillerDev` 221 | - `@SMillerDev `_ 222 | - 1 223 | * - :raw-html-m2r:`@skandyla` 224 | - `@skandyla `_ 225 | - 1 226 | * - :raw-html-m2r:`@iamseth` 227 | - `@iamseth `_ 228 | - 1 229 | * - :raw-html-m2r:`@shawnbutts` 230 | - `@shawnbutts `_ 231 | - 1 232 | * - :raw-html-m2r:`@smlloyd` 233 | - `@smlloyd `_ 234 | - 1 235 | * - :raw-html-m2r:`@SkypLabs` 236 | - `@SkypLabs `_ 237 | - 1 238 | * - :raw-html-m2r:`@slawekp` 
239 | - `@slawekp `_ 240 | - 1 241 | * - :raw-html-m2r:`@soniah` 242 | - `@soniah `_ 243 | - 1 244 | * - :raw-html-m2r:`@titilambert` 245 | - `@titilambert `_ 246 | - 1 247 | * - :raw-html-m2r:`@TimJones` 248 | - `@TimJones `_ 249 | - 1 250 | * - :raw-html-m2r:`@tobio` 251 | - `@tobio `_ 252 | - 1 253 | * - :raw-html-m2r:`@tomasfejfar` 254 | - `@tomasfejfar `_ 255 | - 1 256 | * - :raw-html-m2r:`@unilogicbv` 257 | - `@unilogicbv `_ 258 | - 1 259 | * - :raw-html-m2r:`@adnanJP` 260 | - `@adnanJP `_ 261 | - 1 262 | * - :raw-html-m2r:`@ketzacoatl` 263 | - `@ketzacoatl `_ 264 | - 1 265 | * - :raw-html-m2r:`@mikepietruszka` 266 | - `@mikepietruszka `_ 267 | - 1 268 | * - :raw-html-m2r:`@nike38rus` 269 | - `@nike38rus `_ 270 | - 1 271 | 272 | 273 | ---- 274 | 275 | Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2022-06-09. 276 | -------------------------------------------------------------------------------- /docs/CHANGELOG.rst: -------------------------------------------------------------------------------- 1 | 2 | Changelog 3 | ========= 4 | 5 | `0.48.8 `_ (2022-06-09) 6 | ---------------------------------------------------------------------------------------------------------- 7 | 8 | Bug Fixes 9 | ^^^^^^^^^ 10 | 11 | 12 | * **googleauth:** ensure newline is preserved in ``repl`` of ``file.replace`` (\ `1dd5f32 `_\ ) 13 | 14 | Continuous Integration 15 | ^^^^^^^^^^^^^^^^^^^^^^ 16 | 17 | 18 | * update ``pre-commit`` configuration inc. 
for pre-commit.ci [skip ci] (\ `8dce714 `_\ ) 19 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `6ebb05a `_\ ) 20 | 21 | Tests 22 | ^^^^^ 23 | 24 | 25 | * **system:** add ``build_platform_codename`` [skip ci] (\ `95cefb3 `_\ ) 26 | * **system.rb:** add support for ``mac_os_x`` [skip ci] (\ `321fdcf `_\ ) 27 | 28 | `0.48.7 `_ (2022-02-13) 29 | ---------------------------------------------------------------------------------------------------------- 30 | 31 | Code Refactoring 32 | ^^^^^^^^^^^^^^^^ 33 | 34 | 35 | * **salt-lint:** fix violation (\ `696139a `_\ ) 36 | 37 | Continuous Integration 38 | ^^^^^^^^^^^^^^^^^^^^^^ 39 | 40 | 41 | * update linters to latest versions [skip ci] (\ `a4fb2c6 `_\ ) 42 | * **3003.1:** update inc. AlmaLinux, Rocky & ``rst-lint`` [skip ci] (\ `ec9506d `_\ ) 43 | * **commitlint:** ensure ``upstream/master`` uses main repo URL [skip ci] (\ `2f0db66 `_\ ) 44 | * **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] (\ `47cfe0e `_\ ) 45 | * **gemfile+lock:** use ``ssf`` customised ``inspec`` repo [skip ci] (\ `6ad3c6a `_\ ) 46 | * **gemfile+lock:** use ``ssf`` customised ``kitchen-docker`` repo [skip ci] (\ `8698fa5 `_\ ) 47 | * **gitlab-ci:** add ``rubocop`` linter (with ``allow_failure``\ ) [skip ci] (\ `9b8b6e6 `_\ ) 48 | * **gitlab-ci:** use GitLab CI as Travis CI replacement (\ `3c879df `_\ ) 49 | * **kitchen:** move ``provisioner`` block & update ``run_command`` [skip ci] (\ `72c64ad `_\ ) 50 | * **kitchen+ci:** update with ``3004`` pre-salted images/boxes [skip ci] (\ `4a8452a `_\ ) 51 | * **kitchen+ci:** update with latest ``3003.2`` pre-salted images [skip ci] (\ `6de2acb `_\ ) 52 | * **kitchen+ci:** update with latest CVE pre-salted images [skip ci] (\ `22c21e4 `_\ ) 53 | * **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] (\ `dabc4b7 `_\ ) 54 | * **kitchen+gitlab:** adjust matrix to add ``3003`` [skip ci] (\ `34c757a `_\ ) 55 | * **kitchen+gitlab:** remove Ubuntu 16.04 & 
Fedora 32 (EOL) [skip ci] (\ `3935693 `_\ ) 56 | * **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `0bff9fb `_\ ) 57 | * add ``arch-master`` to matrix and update ``.travis.yml`` [skip ci] (\ `632dc3c `_\ ) 58 | * add Debian 11 Bullseye & update ``yamllint`` configuration [skip ci] (\ `0c49302 `_\ ) 59 | * **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] (\ `c260fe7 `_\ ) 60 | * **pre-commit:** add to formula [skip ci] (\ `d0e7c0a `_\ ) 61 | * **pre-commit:** enable/disable ``rstcheck`` as relevant [skip ci] (\ `013b2cd `_\ ) 62 | * **pre-commit:** finalise ``rstcheck`` configuration [skip ci] (\ `89c3c8f `_\ ) 63 | * **pre-commit:** update hook for ``rubocop`` [skip ci] (\ `0e7c6a3 `_\ ) 64 | 65 | Documentation 66 | ^^^^^^^^^^^^^ 67 | 68 | 69 | * **readme:** fix headings [skip ci] (\ `7d06cd5 `_\ ) 70 | 71 | Tests 72 | ^^^^^ 73 | 74 | 75 | * standardise use of ``share`` suite & ``_mapdata`` state [skip ci] (\ `2a7c0de `_\ ) 76 | 77 | `0.48.6 `_ (2020-10-02) 78 | ---------------------------------------------------------------------------------------------------------- 79 | 80 | Styles 81 | ^^^^^^ 82 | 83 | 84 | * quote numbers and file modes (\ `db30289 `_\ ) 85 | 86 | `0.48.5 `_ (2020-07-25) 87 | ---------------------------------------------------------------------------------------------------------- 88 | 89 | Bug Fixes 90 | ^^^^^^^^^ 91 | 92 | 93 | * **macos:** gid must be numeric on macos (\ `9517e4b `_\ ) 94 | 95 | Continuous Integration 96 | ^^^^^^^^^^^^^^^^^^^^^^ 97 | 98 | 99 | * **gemfile:** restrict ``train`` gem version until upstream fix [skip ci] (\ `40f8e2d `_\ ) 100 | * **gemfile.lock:** add to repo with updated ``Gemfile`` [skip ci] (\ `ad7e8f7 `_\ ) 101 | * **kitchen:** avoid using bootstrap for ``master`` instances [skip ci] (\ `4441c59 `_\ ) 102 | * **kitchen:** use ``saltimages`` Docker Hub where available [skip ci] (\ `c12272e `_\ ) 103 | * **kitchen+travis:** remove ``master-py2-arch-base-latest`` [skip ci] (\ 
`892868f `_\ ) 104 | * **travis:** add notifications => zulip [skip ci] (\ `628a430 `_\ ) 105 | * **travis:** apply changes from build config validation [skip ci] (\ `9f76672 `_\ ) 106 | * **travis:** opt-in to ``dpl v2`` to complete build config validation [skip ci] (\ `9a983a4 `_\ ) 107 | * **travis:** quote pathspecs used with ``git ls-files`` [skip ci] (\ `f9f8f13 `_\ ) 108 | * **travis:** run ``shellcheck`` during lint job [skip ci] (\ `e09c822 `_\ ) 109 | * **travis:** use ``major.minor`` for ``semantic-release`` version [skip ci] (\ `0afebc6 `_\ ) 110 | * **travis:** use build config validation (beta) [skip ci] (\ `0ddb90e `_\ ) 111 | * **workflows/commitlint:** add to repo [skip ci] (\ `7419dda `_\ ) 112 | 113 | `0.48.4 `_ (2019-11-08) 114 | ---------------------------------------------------------------------------------------------------------- 115 | 116 | Bug Fixes 117 | ^^^^^^^^^ 118 | 119 | 120 | * **vimrc:** ensure ``vimrc`` state runs (\ `a1ef7e5 `_\ ) 121 | 122 | Continuous Integration 123 | ^^^^^^^^^^^^^^^^^^^^^^ 124 | 125 | 126 | * **kitchen:** use ``develop`` image until ``master`` is ready (\ ``amazonlinux``\ ) [skip ci] (\ `852dff2 `_\ ) 127 | * **kitchen+travis+inspec:** add ``vimrc`` suite (\ `a263a62 `_\ ) 128 | 129 | Tests 130 | ^^^^^ 131 | 132 | 133 | * **inspec:** add test to check ``.vimrc`` file is generated properly (\ `569e927 `_\ ) 134 | * **pillar:** add test pillar to generate ``.vimrc`` file (\ `86144be `_\ ) 135 | 136 | `0.48.3 `_ (2019-11-02) 137 | ---------------------------------------------------------------------------------------------------------- 138 | 139 | Bug Fixes 140 | ^^^^^^^^^ 141 | 142 | 143 | * **pillars:** ensure ``addusers`` & ``delusers`` are lists (\ `b31c592 `_\ ) 144 | * **release.config.js:** use full commit hash in commit link [skip ci] (\ `8df4d39 `_\ ) 145 | 146 | Continuous Integration 147 | ^^^^^^^^^^^^^^^^^^^^^^ 148 | 149 | 150 | * **kitchen:** use ``debian-10-master-py3`` instead of ``develop`` 
[skip ci] (\ `9ee7636 `_\ ) 151 | * **kitchen+travis:** upgrade matrix after ``2019.2.2`` release [skip ci] (\ `1d9a5ef `_\ ) 152 | * **travis:** update ``salt-lint`` config for ``v0.0.10`` [skip ci] (\ `60ee61d `_\ ) 153 | 154 | Documentation 155 | ^^^^^^^^^^^^^ 156 | 157 | 158 | * **contributing:** remove to use org-level file instead [skip ci] (\ `7c55ef0 `_\ ) 159 | * **readme:** update link to ``CONTRIBUTING`` [skip ci] (\ `2a88765 `_\ ) 160 | 161 | Performance Improvements 162 | ^^^^^^^^^^^^^^^^^^^^^^^^ 163 | 164 | 165 | * **travis:** improve ``salt-lint`` invocation [skip ci] (\ `b45914e `_\ ) 166 | 167 | `0.48.2 `_ (2019-10-11) 168 | ---------------------------------------------------------------------------------------------------------- 169 | 170 | Bug Fixes 171 | ^^^^^^^^^ 172 | 173 | 174 | * **rubocop:** add fixes using ``rubocop --safe-auto-correct`` (\ ` `_\ ) 175 | 176 | Continuous Integration 177 | ^^^^^^^^^^^^^^^^^^^^^^ 178 | 179 | 180 | * merge travis matrix, add ``salt-lint`` & ``rubocop`` to ``lint`` job (\ ` `_\ ) 181 | * **travis:** merge ``rubocop`` linter into main ``lint`` job (\ ` `_\ ) 182 | 183 | `0.48.1 `_ (2019-10-10) 184 | ---------------------------------------------------------------------------------------------------------- 185 | 186 | Bug Fixes 187 | ^^^^^^^^^ 188 | 189 | 190 | * **googleauth.sls:** fix ``salt-lint`` errors (\ ` `_\ ) 191 | * **init.sls:** fix ``salt-lint`` errors (\ ` `_\ ) 192 | * **sudo.sls:** fix ``salt-lint`` errors (\ ` `_\ ) 193 | 194 | Continuous Integration 195 | ^^^^^^^^^^^^^^^^^^^^^^ 196 | 197 | 198 | * **kitchen:** change ``log_level`` to ``debug`` instead of ``info`` (\ ` `_\ ) 199 | * **kitchen:** install required packages to bootstrapped ``opensuse`` [skip ci] (\ ` `_\ ) 200 | * **kitchen:** use bootstrapped ``opensuse`` images until ``2019.2.2`` [skip ci] (\ ` `_\ ) 201 | * **platform:** add ``arch-base-latest`` (commented out for now) [skip ci] (\ ` `_\ ) 202 | * **yamllint:** add rule 
``empty-values`` & use new ``yaml-files`` setting (\ ` `_\ ) 203 | * merge travis matrix, add ``salt-lint`` & ``rubocop`` to ``lint`` job (\ ` `_\ ) 204 | * use ``dist: bionic`` & apply ``opensuse-leap-15`` SCP error workaround (\ ` `_\ ) 205 | 206 | `0.48.0 `_ (2019-08-17) 207 | ---------------------------------------------------------------------------------------------------------- 208 | 209 | Features 210 | ^^^^^^^^ 211 | 212 | 213 | * **yamllint:** include for this repo and apply rules throughout (\ `fa6210d `_\ ) 214 | 215 | `0.47.0 `_ (2019-08-07) 216 | ---------------------------------------------------------------------------------------------------------- 217 | 218 | Features 219 | ^^^^^^^^ 220 | 221 | 222 | * **semantic-release:** implement for this formula (\ `3bcdc90 `_\ ), closes `#203 `_ 223 | -------------------------------------------------------------------------------- /docs/README.rst: -------------------------------------------------------------------------------- 1 | users-formula 2 | ============= 3 | 4 | |img_travis| |img_sr| 5 | 6 | .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/users-formula.svg?branch=master 7 | :alt: Travis CI Build Status 8 | :scale: 100% 9 | :target: https://travis-ci.com/saltstack-formulas/users-formula 10 | .. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg 11 | :alt: Semantic Release 12 | :scale: 100% 13 | :target: https://github.com/semantic-release/semantic-release 14 | 15 | Formula to configure users via pillar. 16 | 17 | .. contents:: **Table of Contents** 18 | 19 | General notes 20 | ------------- 21 | 22 | See the full `SaltStack Formulas installation and usage instructions 23 | `_. 24 | 25 | If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section 26 | `_. 
27 | 28 | If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``, 29 | which contains the currently released version. This formula is versioned according to `Semantic Versioning `_. 30 | 31 | See `Formula Versioning Section `_ for more details. 32 | 33 | Contributing to this repo 34 | ------------------------- 35 | 36 | **Commit message formatting is significant!!** 37 | 38 | Please see `How to contribute `_ for more details. 39 | 40 | Available states 41 | ---------------- 42 | 43 | .. contents:: 44 | :local: 45 | 46 | ``users`` 47 | ^^^^^^^^^ 48 | 49 | Configures a user's home directory, group, the user itself, secondary groups, 50 | and associated keys. Also configures sudo access, and absent users. 51 | 52 | ``users.sudo`` 53 | ^^^^^^^^^^^^^^ 54 | 55 | Ensures the sudo group exists, the sudo package is installed and the sudo file 56 | is configured. 57 | 58 | ``users.bashrc`` 59 | ^^^^^^^^^^^^^^^^ 60 | 61 | Ensures the bashrc file exists in the user's home directory. Set 'manage_bashrc: 62 | True' in pillar per user to enable this. Defaults to False. 63 | 64 | ``users.profile`` 65 | ^^^^^^^^^^^^^^^^^ 66 | 67 | Ensures the profile file exists in the user's home directory. Set 'manage_profile: 68 | True' in pillar per user to enable this. Defaults to False. 69 | 70 | ``users.vimrc`` 71 | ^^^^^^^^^^^^^^^ 72 | 73 | Ensures the vimrc file exists in the user's home directory. Set 'manage_vimrc: 74 | True' in pillar per user to enable this. Defaults to False. 75 | This depends on the vim-formula being available and pillar `users:use_vim_formula: True`. 76 | 77 | ``users.user_files`` 78 | ^^^^^^^^^^^^^^^^^^^^ 79 | 80 | Permits the arbitrary management of files. See pillar.example for configuration details. 81 | 82 | Overriding default values 83 | ------------------------- 84 | 85 | In order to separate actual user account definitions from configuration the pillar ``users-formula`` was introduced: 86 | 87 | .. 
code-block:: yaml 88 | 89 | users: 90 | myuser: 91 | # stuff 92 | 93 | users-formula: 94 | lookup: 95 | root_group: toor 96 | shell: '/bin/zsh' 97 | 98 | Testing 99 | ------- 100 | 101 | Linux testing is done with ``kitchen-salt``. 102 | 103 | Requirements 104 | ^^^^^^^^^^^^ 105 | 106 | * Ruby 107 | * Docker 108 | 109 | .. code-block:: bash 110 | 111 | $ gem install bundler 112 | $ bundle install 113 | $ bin/kitchen test [platform] 114 | 115 | Where ``[platform]`` is the platform name defined in ``kitchen.yml``, 116 | e.g. ``debian-9-2019-2-py3``. 117 | 118 | ``bin/kitchen converge`` 119 | ^^^^^^^^^^^^^^^^^^^^^^^^ 120 | 121 | Creates the docker instance and runs the ``template`` main state, ready for testing. 122 | 123 | ``bin/kitchen verify`` 124 | ^^^^^^^^^^^^^^^^^^^^^^ 125 | 126 | Runs the ``inspec`` tests on the actual instance. 127 | 128 | ``bin/kitchen destroy`` 129 | ^^^^^^^^^^^^^^^^^^^^^^^ 130 | 131 | Removes the docker instance. 132 | 133 | ``bin/kitchen test`` 134 | ^^^^^^^^^^^^^^^^^^^^ 135 | 136 | Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``. 137 | 138 | ``bin/kitchen login`` 139 | ^^^^^^^^^^^^^^^^^^^^^ 140 | 141 | Gives you SSH access to the instance for manual testing. 
142 | -------------------------------------------------------------------------------- /kitchen.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | # For help on this file's format, see https://kitchen.ci/ 5 | driver: 6 | name: docker 7 | use_sudo: false 8 | privileged: true 9 | run_command: /usr/lib/systemd/systemd 10 | 11 | provisioner: 12 | name: salt_solo 13 | log_level: debug 14 | salt_install: none 15 | require_chef: false 16 | formula: users 17 | salt_copy_filter: 18 | - .kitchen 19 | - .git 20 | 21 | platforms: 22 | ## SALT `tiamat` 23 | - name: debian-11-tiamat-py3 24 | driver: 25 | image: saltimages/salt-tiamat-py3:debian-11 26 | run_command: /lib/systemd/systemd 27 | - name: debian-10-tiamat-py3 28 | driver: 29 | image: saltimages/salt-tiamat-py3:debian-10 30 | run_command: /lib/systemd/systemd 31 | - name: debian-9-tiamat-py3 32 | driver: 33 | image: saltimages/salt-tiamat-py3:debian-9 34 | run_command: /lib/systemd/systemd 35 | - name: ubuntu-2204-tiamat-py3 36 | driver: 37 | image: saltimages/salt-tiamat-py3:ubuntu-22.04 38 | run_command: /lib/systemd/systemd 39 | - name: ubuntu-2004-tiamat-py3 40 | driver: 41 | image: saltimages/salt-tiamat-py3:ubuntu-20.04 42 | run_command: /lib/systemd/systemd 43 | - name: ubuntu-1804-tiamat-py3 44 | driver: 45 | image: saltimages/salt-tiamat-py3:ubuntu-18.04 46 | run_command: /lib/systemd/systemd 47 | - name: centos-stream8-tiamat-py3 48 | driver: 49 | image: saltimages/salt-tiamat-py3:centos-stream8 50 | - name: centos-7-tiamat-py3 51 | driver: 52 | image: saltimages/salt-tiamat-py3:centos-7 53 | - name: amazonlinux-2-tiamat-py3 54 | driver: 55 | image: saltimages/salt-tiamat-py3:amazonlinux-2 56 | - name: oraclelinux-8-tiamat-py3 57 | driver: 58 | image: saltimages/salt-tiamat-py3:oraclelinux-8 59 | - name: oraclelinux-7-tiamat-py3 60 | driver: 61 | image: saltimages/salt-tiamat-py3:oraclelinux-7 62 | - name: 
almalinux-8-tiamat-py3 63 | driver: 64 | image: saltimages/salt-tiamat-py3:almalinux-8 65 | - name: rockylinux-8-tiamat-py3 66 | driver: 67 | image: saltimages/salt-tiamat-py3:rockylinux-8 68 | 69 | ## SALT `master` 70 | - name: debian-11-master-py3 71 | driver: 72 | image: saltimages/salt-master-py3:debian-11 73 | run_command: /lib/systemd/systemd 74 | - name: debian-10-master-py3 75 | driver: 76 | image: saltimages/salt-master-py3:debian-10 77 | run_command: /lib/systemd/systemd 78 | - name: debian-9-master-py3 79 | driver: 80 | image: saltimages/salt-master-py3:debian-9 81 | run_command: /lib/systemd/systemd 82 | - name: ubuntu-2204-master-py3 83 | driver: 84 | image: saltimages/salt-master-py3:ubuntu-22.04 85 | run_command: /lib/systemd/systemd 86 | - name: ubuntu-2004-master-py3 87 | driver: 88 | image: saltimages/salt-master-py3:ubuntu-20.04 89 | run_command: /lib/systemd/systemd 90 | - name: ubuntu-1804-master-py3 91 | driver: 92 | image: saltimages/salt-master-py3:ubuntu-18.04 93 | run_command: /lib/systemd/systemd 94 | - name: centos-stream8-master-py3 95 | driver: 96 | image: saltimages/salt-master-py3:centos-stream8 97 | - name: centos-7-master-py3 98 | driver: 99 | image: saltimages/salt-master-py3:centos-7 100 | - name: fedora-36-master-py3 101 | driver: 102 | image: saltimages/salt-master-py3:fedora-36 103 | - name: fedora-35-master-py3 104 | driver: 105 | image: saltimages/salt-master-py3:fedora-35 106 | - name: opensuse-leap-153-master-py3 107 | driver: 108 | image: saltimages/salt-master-py3:opensuse-leap-15.3 109 | # Workaround to avoid intermittent failures on `opensuse-leap-15.3`: 110 | # => SCP did not finish successfully (255): (Net::SCP::Error) 111 | transport: 112 | max_ssh_sessions: 1 113 | - name: opensuse-tmbl-latest-master-py3 114 | driver: 115 | image: saltimages/salt-master-py3:opensuse-tumbleweed-latest 116 | # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: 117 | # => SCP did not finish successfully (255): 
(Net::SCP::Error) 118 | transport: 119 | max_ssh_sessions: 1 120 | - name: amazonlinux-2-master-py3 121 | driver: 122 | image: saltimages/salt-master-py3:amazonlinux-2 123 | - name: oraclelinux-8-master-py3 124 | driver: 125 | image: saltimages/salt-master-py3:oraclelinux-8 126 | - name: oraclelinux-7-master-py3 127 | driver: 128 | image: saltimages/salt-master-py3:oraclelinux-7 129 | - name: arch-base-latest-master-py3 130 | driver: 131 | image: saltimages/salt-master-py3:arch-base-latest 132 | - name: gentoo-stage3-latest-master-py3 133 | driver: 134 | image: saltimages/salt-master-py3:gentoo-stage3-latest 135 | run_command: /sbin/init 136 | - name: gentoo-stage3-systemd-master-py3 137 | driver: 138 | image: saltimages/salt-master-py3:gentoo-stage3-systemd 139 | - name: almalinux-8-master-py3 140 | driver: 141 | image: saltimages/salt-master-py3:almalinux-8 142 | - name: rockylinux-8-master-py3 143 | driver: 144 | image: saltimages/salt-master-py3:rockylinux-8 145 | 146 | ## SALT `3004.1` 147 | - name: debian-11-3004-1-py3 148 | driver: 149 | image: saltimages/salt-3004.1-py3:debian-11 150 | run_command: /lib/systemd/systemd 151 | - name: debian-10-3004-1-py3 152 | driver: 153 | image: saltimages/salt-3004.1-py3:debian-10 154 | run_command: /lib/systemd/systemd 155 | - name: debian-9-3004-1-py3 156 | driver: 157 | image: saltimages/salt-3004.1-py3:debian-9 158 | run_command: /lib/systemd/systemd 159 | - name: ubuntu-2204-3004-1-py3 160 | driver: 161 | image: saltimages/salt-3004.1-py3:ubuntu-22.04 162 | run_command: /lib/systemd/systemd 163 | - name: ubuntu-2004-3004-1-py3 164 | driver: 165 | image: saltimages/salt-3004.1-py3:ubuntu-20.04 166 | run_command: /lib/systemd/systemd 167 | - name: ubuntu-1804-3004-1-py3 168 | driver: 169 | image: saltimages/salt-3004.1-py3:ubuntu-18.04 170 | run_command: /lib/systemd/systemd 171 | - name: centos-stream8-3004-1-py3 172 | driver: 173 | image: saltimages/salt-3004.1-py3:centos-stream8 174 | - name: centos-7-3004-1-py3 175 
| driver: 176 | image: saltimages/salt-3004.1-py3:centos-7 177 | - name: fedora-36-3004-1-py3 178 | driver: 179 | image: saltimages/salt-3004.1-py3:fedora-36 180 | - name: fedora-35-3004-1-py3 181 | driver: 182 | image: saltimages/salt-3004.1-py3:fedora-35 183 | - name: amazonlinux-2-3004-1-py3 184 | driver: 185 | image: saltimages/salt-3004.1-py3:amazonlinux-2 186 | - name: oraclelinux-8-3004-1-py3 187 | driver: 188 | image: saltimages/salt-3004.1-py3:oraclelinux-8 189 | - name: oraclelinux-7-3004-1-py3 190 | driver: 191 | image: saltimages/salt-3004.1-py3:oraclelinux-7 192 | - name: arch-base-latest-3004-1-py3 193 | driver: 194 | image: saltimages/salt-3004.1-py3:arch-base-latest 195 | - name: gentoo-stage3-latest-3004-1-py3 196 | driver: 197 | image: saltimages/salt-3004.1-py3:gentoo-stage3-latest 198 | run_command: /sbin/init 199 | - name: gentoo-stage3-systemd-3004-1-py3 200 | driver: 201 | image: saltimages/salt-3004.1-py3:gentoo-stage3-systemd 202 | - name: almalinux-8-3004-1-py3 203 | driver: 204 | image: saltimages/salt-3004.1-py3:almalinux-8 205 | - name: rockylinux-8-3004-1-py3 206 | driver: 207 | image: saltimages/salt-3004.1-py3:rockylinux-8 208 | 209 | ## SALT `3004.0` 210 | - name: opensuse-leap-153-3004-0-py3 211 | driver: 212 | image: saltimages/salt-3004.0-py3:opensuse-leap-15.3 213 | # Workaround to avoid intermittent failures on `opensuse-leap-15.3`: 214 | # => SCP did not finish successfully (255): (Net::SCP::Error) 215 | transport: 216 | max_ssh_sessions: 1 217 | - name: opensuse-tmbl-latest-3004-0-py3 218 | driver: 219 | image: saltimages/salt-3004.0-py3:opensuse-tumbleweed-latest 220 | # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: 221 | # => SCP did not finish successfully (255): (Net::SCP::Error) 222 | transport: 223 | max_ssh_sessions: 1 224 | 225 | ## SALT `3003.4` 226 | - name: debian-10-3003-4-py3 227 | driver: 228 | image: saltimages/salt-3003.4-py3:debian-10 229 | run_command: /lib/systemd/systemd 230 | - name: 
debian-9-3003-4-py3 231 | driver: 232 | image: saltimages/salt-3003.4-py3:debian-9 233 | run_command: /lib/systemd/systemd 234 | - name: ubuntu-2004-3003-4-py3 235 | driver: 236 | image: saltimages/salt-3003.4-py3:ubuntu-20.04 237 | run_command: /lib/systemd/systemd 238 | - name: ubuntu-1804-3003-4-py3 239 | driver: 240 | image: saltimages/salt-3003.4-py3:ubuntu-18.04 241 | run_command: /lib/systemd/systemd 242 | - name: centos-stream8-3003-4-py3 243 | driver: 244 | image: saltimages/salt-3003.4-py3:centos-stream8 245 | - name: centos-7-3003-4-py3 246 | driver: 247 | image: saltimages/salt-3003.4-py3:centos-7 248 | - name: amazonlinux-2-3003-4-py3 249 | driver: 250 | image: saltimages/salt-3003.4-py3:amazonlinux-2 251 | - name: oraclelinux-8-3003-4-py3 252 | driver: 253 | image: saltimages/salt-3003.4-py3:oraclelinux-8 254 | - name: oraclelinux-7-3003-4-py3 255 | driver: 256 | image: saltimages/salt-3003.4-py3:oraclelinux-7 257 | - name: almalinux-8-3003-4-py3 258 | driver: 259 | image: saltimages/salt-3003.4-py3:almalinux-8 260 | 261 | verifier: 262 | # https://www.inspec.io/ 263 | name: inspec 264 | sudo: true 265 | reporter: 266 | # cli, documentation, html, progress, json, json-min, json-rspec, junit 267 | - cli 268 | 269 | suites: 270 | - name: default 271 | provisioner: 272 | state_top: 273 | base: 274 | '*': 275 | - users._mapdata 276 | - users 277 | pillars: 278 | top.sls: 279 | base: 280 | '*': 281 | - users 282 | pillars_from_files: 283 | users.sls: test/salt/pillar/default.sls 284 | verifier: 285 | inspec_tests: 286 | - path: test/integration/default 287 | - name: vimrc 288 | provisioner: 289 | dependencies: 290 | - name: vim 291 | repo: git 292 | source: https://github.com/saltstack-formulas/vim-formula.git 293 | state_top: 294 | base: 295 | '*': 296 | - users._mapdata 297 | - users.vimrc 298 | pillars: 299 | top.sls: 300 | base: 301 | '*': 302 | - users 303 | - vimrc 304 | pillars_from_files: 305 | users.sls: test/salt/pillar/default.sls 306 | 
vimrc.sls: test/salt/pillar/vimrc.sls 307 | verifier: 308 | inspec_tests: 309 | - path: test/integration/default 310 | - path: test/integration/vimrc 311 | -------------------------------------------------------------------------------- /pillar.example: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | users-formula: 5 | use_vim_formula: true 6 | lookup: # override the defaults in map.jinja 7 | root_group: root 8 | 9 | # group initialization 10 | groups: 11 | foo: 12 | state: present 13 | gid: 1500 14 | system: false 15 | badguys: 16 | absent: true 17 | niceguys: 18 | gid: 4242 19 | system: false 20 | addusers: 21 | - root 22 | delusers: 23 | - toor 24 | ssl-cert: 25 | system: true 26 | members: 27 | - www-data 28 | - openldap 29 | 30 | users: 31 | ## Minimal required pillar values 32 | auser: 33 | fullname: A User 34 | 35 | ## Full list of pillar values 36 | buser: 37 | fullname: B User 38 | password: $6$w............. 39 | enforce_password: true 40 | # WARNING: If 'empty_password' is set to true, the 'password' value 41 | # is ignored and password-less login is enabled for the user. 42 | empty_password: false 43 | hash_password: false 44 | system: false 45 | home: /custom/buser 46 | homedir_owner: buser 47 | homedir_group: primarygroup 48 | user_dir_mode: 750 49 | createhome: true 50 | roomnumber: "A-1" 51 | workphone: "(555) 555-5555" 52 | homephone: "(555) 555-5551" 53 | manage_vimrc: false 54 | allow_gid_change: false 55 | manage_bashrc: false 56 | manage_profile: false 57 | expire: 16426 58 | # Disables user management except sudo rules. 59 | # Useful for setting sudo rules for system accounts created by package installation 60 | sudoonly: false 61 | sudouser: true 62 | # sudo_rules entries do not need the username as a prefix; 63 | # the formula adds it automatically. A rule for a program that can run other commands (such as the find example below) in practice grants the full privileges of the target user. 
64 | # ---------------------------------------------------------------------- 65 | # If a sudo rule contains a colon, do not leave spaces around the 66 | # colon. For example: 67 | # ALL=(ALL) NOPASSWD: ALL <--- THIS WILL NOT WORK (even though the syntax is valid) 68 | # ALL=(ALL) NOPASSWD:ALL <--- THIS WILL WORK 69 | sudo_rules: 70 | - ALL=(root) /usr/bin/find 71 | - ALL=(otheruser) /usr/bin/script.sh 72 | sudo_defaults: 73 | - '!requiretty' 74 | # enable polkitadmin to make user an AdminIdentity for polkit 75 | polkitadmin: true 76 | shell: /bin/bash 77 | remove_groups: false 78 | prime_group: 79 | name: primarygroup 80 | gid: 1501 81 | groups: 82 | - users 83 | optional_groups: 84 | - some_groups_that_might 85 | - not_exist_on_all_minions 86 | ssh_key_type: rsa 87 | ssh_keys: 88 | # You can inline the private keys ... 89 | # privkey: PRIVATEKEY 90 | # pubkey: PUBLICKEY 91 | # or you can provide the path to a key on the Salt fileserver 92 | privkey: salt://path_to_PRIVATEKEY 93 | pubkey: salt://path_to_PUBLICKEY 94 | # you can provide multiple keys, the keyname is taken as filename 95 | # make sure each public key's name ends in .pub 96 | foobar: PRIVATEKEY 97 | foobar.pub: PUBLICKEY 98 | # ... or you can pull them from a different pillar, 99 | # for example one called "ssh_keys": 100 | ssh_keys_pillar: 101 | id_rsa: "ssh_keys" 102 | another_key_pair: "ssh_keys" 103 | ssh_auth: 104 | - PUBLICKEY 105 | ssh_auth.absent: 106 | - PUBLICKEY_TO_BE_REMOVED 107 | # Generates an authorized_keys file for the user 108 | # with the given keys 109 | ssh_auth_file: 110 | - PUBLICKEY 111 | # ... or you can pull them from a different pillar similar to ssh_keys_pillar 112 | ssh_auth_pillar: 113 | id_rsa: "ssh_keys" 114 | # If you prefer to keep public keys as files rather 115 | # than inline in pillar, this works. 
116 | ssh_auth_sources: 117 | - salt://keys/buser.id_rsa.pub 118 | ssh_auth_sources.absent: 119 | - salt://keys/deleteduser.id_rsa.pub # PUBLICKEY_FILE_TO_BE_REMOVED 120 | # Manage known hosts (ssh_known_hosts) and the ~/.ssh/config file (ssh_config). NOTE: the 'all' ssh_config entry below turns off host key verification for every host ("*"), which is only appropriate for disposable test environments. 121 | ssh_known_hosts: 122 | importanthost: 123 | port: 22 124 | fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 125 | key: PUBLICKEY 126 | enc: ssh-rsa 127 | hash_known_hosts: true 128 | timeout: 5 129 | fingerprint_hash_type: sha256 130 | ssh_known_hosts.absent: 131 | - notimportanthost 132 | ssh_config: 133 | all: 134 | hostname: "*" 135 | options: 136 | - "StrictHostKeyChecking no" 137 | - "UserKnownHostsFile=/dev/null" 138 | importanthost: 139 | hostname: "needcheck.example.com" 140 | options: 141 | - "StrictHostKeyChecking yes" 142 | 143 | # Using gitconfig without Git installed will result in an error 144 | # https://docs.saltstack.com/en/latest/ref/states/all/salt.states.git.html: 145 | # This state module now requires git 1.6.5 (released 10 October 2009) or newer. 146 | gitconfig: 147 | user.name: B User 148 | user.email: buser@example.com 149 | "url.https://.insteadOf": "git://" 150 | 151 | gitconfig.absent: 152 | - push.default 153 | - color\..+ 154 | 155 | google_2fa: true 156 | google_auth: 157 | sshd: | 158 | SOMEGAUTHHASHVAL 159 | " RESETTING_TIME_SKEW 46956472+2 46991595-2 160 | " RATE_LIMIT 3 30 1415800560 161 | " DISALLOW_REUSE 47193352 162 | " TOTP_AUTH 163 | 11111111 164 | 22222222 165 | 33333333 166 | 44444444 167 | 55555555 168 | # unique: true allows user to have non unique uid 169 | unique: false 170 | uid: 1001 171 | 172 | user_files: 173 | enabled: true 174 | # 'source' allows you to define an arbitrary directory to sync, 175 | # useful to use for default files. 176 | # should be a salt fileserver path either with or without 'salt://' 177 | # if not present, it defaults to 'salt://users/files/user/' 178 | source: users/files 179 | # template: jinja 180 | # You can specify octal mode for files and symlinks that will be copied. 
181 | # Since version 2016.11.0 it's possible to use 'keep' for file_mode, 182 | # to preserve file original mode, thus you can save execution bit for example. 183 | file_mode: keep 184 | # You can specify octal mode for directories as well. 185 | # This won't work on Windows minions 186 | # dir_mode: 775 187 | sym_mode: 640 188 | exclude_pat: "*.gitignore" 189 | 190 | ## Absent user 191 | cuser: 192 | absent: true 193 | purge: true 194 | force: true 195 | 196 | 197 | ## Old syntax of absent_users still supported 198 | absent_users: 199 | - donald 200 | - bad_guy 201 | -------------------------------------------------------------------------------- /pre-commit_semantic-release.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ############################################################################### 4 | # (A) Update `FORMULA` with `${nextRelease.version}` 5 | ############################################################################### 6 | sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA 7 | 8 | 9 | ############################################################################### 10 | # (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst` 11 | ############################################################################### 12 | 13 | # Install `m2r2` 14 | pip3 install m2r2 15 | 16 | # Copy and then convert the `.md` docs 17 | cp ./*.md docs/ 18 | cd docs/ || exit 19 | m2r2 --overwrite ./*.md 20 | 21 | # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` 22 | sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst 23 | sed -i -e '1,4s/-/=/g' CHANGELOG.rst 24 | 25 | # Use for debugging output, when required 26 | # cat AUTHORS.rst 27 | # cat CHANGELOG.rst 28 | 29 | # Return back to the main directory 30 | cd .. 
31 | -------------------------------------------------------------------------------- /release-rules.js: -------------------------------------------------------------------------------- 1 | // No release is triggered for the types commented out below. 2 | // Commits using these types will be incorporated into the next release. 3 | // 4 | // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. 5 | module.exports = [ 6 | {breaking: true, release: 'major'}, 7 | // {type: 'build', release: 'patch'}, 8 | // {type: 'chore', release: 'patch'}, 9 | // {type: 'ci', release: 'patch'}, 10 | {type: 'docs', release: 'patch'}, 11 | {type: 'feat', release: 'minor'}, 12 | {type: 'fix', release: 'patch'}, 13 | {type: 'perf', release: 'patch'}, 14 | {type: 'refactor', release: 'patch'}, 15 | {type: 'revert', release: 'patch'}, 16 | {type: 'style', release: 'patch'}, 17 | {type: 'test', release: 'patch'}, 18 | ]; 19 | -------------------------------------------------------------------------------- /release.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | branch: 'master', 3 | repositoryUrl: 'https://github.com/saltstack-formulas/users-formula', 4 | plugins: [ 5 | ['@semantic-release/commit-analyzer', { 6 | preset: 'angular', 7 | releaseRules: './release-rules.js', 8 | }], 9 | '@semantic-release/release-notes-generator', 10 | ['@semantic-release/changelog', { 11 | changelogFile: 'CHANGELOG.md', 12 | changelogTitle: '# Changelog', 13 | }], 14 | ['@semantic-release/exec', { 15 | prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}', 16 | }], 17 | ['@semantic-release/git', { 18 | assets: ['*.md', 'docs/*.rst', 'FORMULA'], 19 | }], 20 | '@semantic-release/github', 21 | ], 22 | generateNotes: { 23 | preset: 'angular', 24 | writerOpts: { 25 | // Required due to upstream bug preventing all types being displayed. 
26 | // Bug: https://github.com/conventional-changelog/conventional-changelog/issues/317 27 | // Fix: https://github.com/conventional-changelog/conventional-changelog/pull/410 28 | transform: (commit, context) => { 29 | const issues = [] 30 | 31 | commit.notes.forEach(note => { 32 | note.title = `BREAKING CHANGES` 33 | }) 34 | 35 | // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. 36 | if (commit.type === `feat`) { 37 | commit.type = `Features` 38 | } else if (commit.type === `fix`) { 39 | commit.type = `Bug Fixes` 40 | } else if (commit.type === `perf`) { 41 | commit.type = `Performance Improvements` 42 | } else if (commit.type === `revert`) { 43 | commit.type = `Reverts` 44 | } else if (commit.type === `docs`) { 45 | commit.type = `Documentation` 46 | } else if (commit.type === `style`) { 47 | commit.type = `Styles` 48 | } else if (commit.type === `refactor`) { 49 | commit.type = `Code Refactoring` 50 | } else if (commit.type === `test`) { 51 | commit.type = `Tests` 52 | } else if (commit.type === `build`) { 53 | commit.type = `Build System` 54 | // } else if (commit.type === `chore`) { 55 | // commit.type = `Maintenance` 56 | } else if (commit.type === `ci`) { 57 | commit.type = `Continuous Integration` 58 | } else { 59 | return 60 | } 61 | 62 | if (commit.scope === `*`) { 63 | commit.scope = `` 64 | } 65 | 66 | if (typeof commit.hash === `string`) { 67 | commit.shortHash = commit.hash.substring(0, 7) 68 | } 69 | 70 | if (typeof commit.subject === `string`) { 71 | let url = context.repository 72 | ? `${context.host}/${context.owner}/${context.repository}` 73 | : context.repoUrl 74 | if (url) { 75 | url = `${url}/issues/` 76 | // Issue URLs. 77 | commit.subject = commit.subject.replace(/#([0-9]+)/g, (_, issue) => { 78 | issues.push(issue) 79 | return `[#${issue}](${url}${issue})` 80 | }) 81 | } 82 | if (context.host) { 83 | // User URLs. 
84 | commit.subject = commit.subject.replace(/\B@([a-z0-9](?:-?[a-z0-9/]){0,38})/g, (_, username) => { 85 | if (username.includes('/')) { 86 | return `@${username}` 87 | } 88 | 89 | return `[@${username}](${context.host}/${username})` 90 | }) 91 | } 92 | } 93 | 94 | // remove references that already appear in the subject 95 | commit.references = commit.references.filter(reference => { 96 | if (issues.indexOf(reference.issue) === -1) { 97 | return true 98 | } 99 | 100 | return false 101 | }) 102 | 103 | return commit 104 | }, 105 | }, 106 | }, 107 | }; 108 | -------------------------------------------------------------------------------- /test/integration/default/README.md: -------------------------------------------------------------------------------- 1 | # InSpec Profile: `default` 2 | 3 | This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). 4 | 5 | ## Verify a profile 6 | 7 | InSpec ships with built-in features to verify a profile structure. 8 | 9 | ```bash 10 | $ inspec check default 11 | Summary 12 | ------- 13 | Location: default 14 | Profile: profile 15 | Controls: 4 16 | Timestamp: 2019-06-24T23:09:01+00:00 17 | Valid: true 18 | 19 | Errors 20 | ------ 21 | 22 | Warnings 23 | -------- 24 | ``` 25 | 26 | ## Execute a profile 27 | 28 | To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. 29 | 30 | ```bash 31 | $ inspec exec default 32 | .. 33 | 34 | Finished in 0.0025 seconds (files took 0.12449 seconds to load) 35 | 8 examples, 0 failures 36 | ``` 37 | 38 | ## Execute a specific control from a profile 39 | 40 | To run one control from the profile use `inspec exec /path/to/profile --controls name`. 41 | 42 | ```bash 43 | $ inspec exec default --controls package 44 | . 
45 | 46 | Finished in 0.0025 seconds (files took 0.12449 seconds to load) 47 | 1 examples, 0 failures 48 | ``` 49 | 50 | See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb). 51 | -------------------------------------------------------------------------------- /test/integration/default/controls/config_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | control 'users configuration' do 4 | title 'should match desired lines' 5 | 6 | describe file('/custom/buser') do 7 | its('type') { should eq :directory } 8 | it { should be_owned_by 'buser' } 9 | it { should be_grouped_into 'primarygroup' } 10 | its('mode') { should cmp '0750' } 11 | end 12 | end 13 | -------------------------------------------------------------------------------- /test/integration/default/inspec.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | name: default 5 | title: users formula 6 | maintainer: SaltStack Formulas 7 | license: Apache-2.0 8 | summary: Verify that the users formula is setup and configured correctly 9 | depends: 10 | - name: share 11 | path: test/integration/share 12 | supports: 13 | - platform-name: debian 14 | - platform-name: ubuntu 15 | - platform-name: centos 16 | - platform-name: fedora 17 | - platform-name: opensuse 18 | - platform-name: suse 19 | - platform-name: freebsd 20 | - platform-name: openbsd 21 | - platform-name: amazon 22 | - platform-name: oracle 23 | - platform-name: arch 24 | - platform-name: gentoo 25 | - platform-name: almalinux 26 | - platform-name: rocky 27 | - platform-name: mac_os_x 28 | - platform: windows 29 | -------------------------------------------------------------------------------- /test/integration/share/README.md: -------------------------------------------------------------------------------- 1 | # InSpec 
Profile: `share` 2 | 3 | This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). 4 | 5 | Its goal is to share the libraries between all profiles. 6 | 7 | ## Libraries 8 | 9 | ### `system` 10 | 11 | The `system` library provides easy access to system dependent information: 12 | 13 | - `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective 14 | - `system.platform[:family]` provide a family name for Arch and Gentoo 15 | - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` 16 | - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows: 17 | - `Arch` is always `base-latest` 18 | - `Amazon Linux` release `2018` is resolved as `1` 19 | - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) 20 | - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format 21 | - `Windows` uses the widely-used release number (e.g. 
`8.1` or `2019-server`) in place of the actual system release version 22 | - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) 23 | -------------------------------------------------------------------------------- /test/integration/share/inspec.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | name: share 5 | title: InSpec shared resources 6 | maintainer: SaltStack Formulas 7 | license: Apache-2.0 8 | summary: shared resources 9 | supports: 10 | - platform-name: debian 11 | - platform-name: ubuntu 12 | - platform-name: centos 13 | - platform-name: fedora 14 | - platform-name: opensuse 15 | - platform-name: suse 16 | - platform-name: freebsd 17 | - platform-name: openbsd 18 | - platform-name: amazon 19 | - platform-name: oracle 20 | - platform-name: arch 21 | - platform-name: gentoo 22 | - platform-name: almalinux 23 | - platform-name: rocky 24 | - platform-name: mac_os_x 25 | - platform: windows 26 | -------------------------------------------------------------------------------- /test/integration/share/libraries/system.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | # system.rb -- InSpec resources for system values 4 | # Author: Daniel Dehennin 5 | # Copyright (C) 2020 Daniel Dehennin 6 | 7 | # rubocop:disable Metrics/ClassLength 8 | class SystemResource < Inspec.resource(1) 9 | name 'system' 10 | 11 | attr_reader :platform 12 | 13 | def initialize 14 | super 15 | @platform = build_platform 16 | end 17 | 18 | private 19 | 20 | def build_platform 21 | { 22 | family: build_platform_family, 23 | name: build_platform_name, 24 | release: build_platform_release, 25 | finger: build_platform_finger, 26 | codename: build_platform_codename 27 | } 28 | end 29 | 30 | def build_platform_family 31 | case 
inspec.platform[:name] 32 | when 'arch', 'gentoo' 33 | inspec.platform[:name] 34 | else 35 | inspec.platform[:family] 36 | end 37 | end 38 | 39 | def build_platform_name 40 | case inspec.platform[:name] 41 | when 'amazon', 'oracle', 'rocky' 42 | "#{inspec.platform[:name]}linux" 43 | when /^windows_/ 44 | inspec.platform[:family] 45 | else 46 | inspec.platform[:name] 47 | end 48 | end 49 | 50 | # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity 51 | def build_platform_release 52 | case inspec.platform[:name] 53 | when 'amazon' 54 | # `2018` relase is named `1` in `kitchen.yml` 55 | inspec.platform[:release].gsub(/2018.*/, '1') 56 | when 'arch' 57 | 'base-latest' 58 | when 'gentoo' 59 | "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" 60 | when 'mac_os_x' 61 | inspec.command('sw_vers -productVersion').stdout.to_s 62 | when 'opensuse' 63 | # rubocop:disable Style/NumericLiterals,Layout/LineLength 64 | inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] 65 | # rubocop:enable Style/NumericLiterals,Layout/LineLength 66 | when 'windows_8.1_pro' 67 | '8.1' 68 | when 'windows_server_2022_datacenter' 69 | '2022-server' 70 | when 'windows_server_2019_datacenter' 71 | '2019-server' 72 | when 'windows_server_2016_datacenter' 73 | '2016-server' 74 | else 75 | inspec.platform[:release] 76 | end 77 | end 78 | # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity 79 | 80 | def derive_gentoo_init_system 81 | inspec.command('systemctl').exist? ? 
'sysd' : 'sysv' 82 | end 83 | 84 | def build_platform_finger 85 | "#{build_platform_name}-#{build_finger_release}" 86 | end 87 | 88 | def build_finger_release 89 | case inspec.platform[:name] 90 | when 'ubuntu' 91 | build_platform_release.split('.').slice(0, 2).join('.') 92 | else 93 | build_platform_release.split('.')[0] 94 | end 95 | end 96 | 97 | # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity 98 | def build_platform_codename 99 | case build_platform_finger 100 | when 'ubuntu-22.04' 101 | 'jammy' 102 | when 'ubuntu-20.04' 103 | 'focal' 104 | when 'ubuntu-18.04' 105 | 'bionic' 106 | when 'debian-11' 107 | 'bullseye' 108 | when 'debian-10' 109 | 'buster' 110 | when 'debian-9' 111 | 'stretch' 112 | when 'almalinux-8' 113 | "AlmaLinux #{build_platform_release} (Arctic Sphynx)" 114 | when 'amazonlinux-2' 115 | 'Amazon Linux 2' 116 | when 'arch-base-latest' 117 | 'Arch Linux' 118 | when 'centos-7' 119 | 'CentOS Linux 7 (Core)' 120 | when 'centos-8' 121 | 'CentOS Stream 8' 122 | when 'opensuse-tumbleweed' 123 | 'openSUSE Tumbleweed' 124 | when 'opensuse-15' 125 | "openSUSE Leap #{build_platform_release}" 126 | when 'oraclelinux-8', 'oraclelinux-7' 127 | "Oracle Linux Server #{build_platform_release}" 128 | when 'gentoo-2-sysd', 'gentoo-2-sysv' 129 | 'Gentoo/Linux' 130 | when 'rockylinux-8' 131 | "Rocky Linux #{build_platform_release} (Green Obsidian)" 132 | else 133 | '' 134 | end 135 | end 136 | # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity 137 | end 138 | # rubocop:enable Metrics/ClassLength 139 | -------------------------------------------------------------------------------- /test/integration/vimrc/README.md: -------------------------------------------------------------------------------- 1 | # InSpec Profile: `vimrc` 2 | 3 | This shows the implementation of the `vimrc` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). 
4 | 5 | ## Verify a profile 6 | 7 | InSpec ships with built-in features to verify a profile structure. 8 | 9 | ```bash 10 | $ inspec check vimrc 11 | Summary 12 | ------- 13 | Location: vimrc 14 | Profile: profile 15 | Controls: 4 16 | Timestamp: 2019-06-24T23:09:01+00:00 17 | Valid: true 18 | 19 | Errors 20 | ------ 21 | 22 | Warnings 23 | -------- 24 | ``` 25 | 26 | ## Execute a profile 27 | 28 | To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. 29 | 30 | ```bash 31 | $ inspec exec vimrc 32 | .. 33 | 34 | Finished in 0.0025 seconds (files took 0.12449 seconds to load) 35 | 8 examples, 0 failures 36 | ``` 37 | 38 | ## Execute a specific control from a profile 39 | 40 | To run one control from the profile use `inspec exec /path/to/profile --controls name`. 41 | 42 | ```bash 43 | $ inspec exec vimrc --controls package 44 | . 45 | 46 | Finished in 0.0025 seconds (files took 0.12449 seconds to load) 47 | 1 examples, 0 failures 48 | ``` 49 | 50 | See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb). 
51 | -------------------------------------------------------------------------------- /test/integration/vimrc/controls/config_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | control 'vimrc is managed' do 4 | title 'formula should manage .vimrc' 5 | 6 | describe file('/home/vim_user/.vimrc') do 7 | it { should be_owned_by 'vim_user' } 8 | its('mode') { should cmp '0644' } 9 | its('content') { should match(/syntax on/) } 10 | end 11 | end 12 | -------------------------------------------------------------------------------- /test/integration/vimrc/inspec.yml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | name: vimrc 5 | title: users formula 6 | maintainer: SaltStack Formulas 7 | license: Apache-2.0 8 | summary: Verify that the `.vimrc` file is configured correctly for specified users 9 | depends: 10 | - name: share 11 | path: test/integration/share 12 | supports: 13 | - platform-name: debian 14 | - platform-name: ubuntu 15 | - platform-name: centos 16 | - platform-name: fedora 17 | - platform-name: opensuse 18 | - platform-name: suse 19 | - platform-name: freebsd 20 | - platform-name: openbsd 21 | - platform-name: amazon 22 | - platform-name: oracle 23 | - platform-name: arch 24 | - platform-name: gentoo 25 | - platform-name: almalinux 26 | - platform-name: rocky 27 | - platform-name: mac_os_x 28 | - platform: windows 29 | -------------------------------------------------------------------------------- /test/salt/pillar/default.sls: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | users-formula: 5 | lookup: # override the defauls in map.jinja 6 | root_group: root 7 | 8 | # group initialization 9 | groups: 10 | foo: 11 | state: present 12 | gid: 1500 13 | system: false 14 | badguys: 15 | absent: true 16 | 
niceguys: 17 | gid: 4242 18 | system: false 19 | addusers: 20 | - root 21 | delusers: 22 | - toor 23 | ssl-cert: 24 | system: true 25 | members: 26 | # *TODO*: run groups after all users created and then use `auser` and 27 | # `buser` instead 28 | - root 29 | - sshd 30 | # - bin 31 | # - daemon 32 | 33 | users: 34 | ## Minimal required pillar values 35 | auser: 36 | fullname: A User 37 | 38 | ## Full list of pillar values 39 | buser: 40 | fullname: B User 41 | password: $6$w............. 42 | enforce_password: true 43 | # WARNING: If 'empty_password' is set to true, the 'password' value 44 | # is ignored and password-less login is enabled for the user. 45 | empty_password: false 46 | hash_password: false 47 | system: false 48 | home: /custom/buser 49 | homedir_owner: buser 50 | homedir_group: primarygroup 51 | user_dir_mode: 750 52 | createhome: true 53 | roomnumber: "A-1" 54 | workphone: "(555) 555-5555" 55 | homephone: "(555) 555-5551" 56 | manage_vimrc: false 57 | allow_gid_change: false 58 | manage_bashrc: false 59 | manage_profile: false 60 | expire: 16426 61 | # Disables user management except sudo rules. 62 | # Useful for setting sudo rules for system accounts created by package installation 63 | sudoonly: false 64 | sudouser: true 65 | # sudo_rules doesn't need the username as a prefix for the rule 66 | # this is added automatically by the formula. 67 | # ---------------------------------------------------------------------- 68 | # If your sudo_rules contain a colon, take care not to leave 69 | # spaces around it.
For example: 70 | # ALL=(ALL) NOPASSWD: ALL <--- THIS WILL NOT WORK (even though the syntax is valid) 71 | # ALL=(ALL) NOPASSWD:ALL <--- THIS WILL WORK 72 | sudo_rules: 73 | - ALL=(root) /usr/bin/find # NOTE(review): find can start other programs, so this example rule amounts to unrestricted root; fine as a fixture, not as a model for real rules 74 | - ALL=(otheruser) /usr/bin/script.sh 75 | sudo_defaults: 76 | - '!requiretty' 77 | # enable polkitadmin to make user an AdminIdentity for polkit 78 | polkitadmin: true 79 | shell: /bin/bash 80 | remove_groups: false 81 | prime_group: 82 | name: primarygroup 83 | gid: 1501 84 | groups: 85 | - users 86 | optional_groups: 87 | - some_groups_that_might 88 | - not_exist_on_all_minions 89 | ssh_key_type: rsa 90 | # # You can inline the private keys ... 91 | # ssh_keys: 92 | # privkey: PRIVATEKEY 93 | # pubkey: PUBLICKEY 94 | # # or you can provide path to key on Salt fileserver 95 | # # privkey: salt://path_to_PRIVATEKEY 96 | # # pubkey: salt://path_to_PUBLICKEY 97 | # # you can provide multiple keys, the keyname is taken as filename 98 | # # make sure your public keys suffix is .pub 99 | # foobar: PRIVATEKEY 100 | # foobar.pub: PUBLICKEY 101 | # # ... or you can pull them from a different pillar, 102 | # # for example one called "ssh_keys": 103 | # ssh_keys_pillar: 104 | # id_rsa: "ssh_keys" 105 | # another_key_pair: "ssh_keys" 106 | # ssh_auth: 107 | # - PUBLICKEY 108 | # ssh_auth.absent: 109 | # - PUBLICKEY_TO_BE_REMOVED 110 | # # Generates an authorized_keys file for the user 111 | # # with the given keys 112 | # ssh_auth_file: 113 | # - PUBLICKEY 114 | # # ... or you can pull them from a different pillar similar to ssh_keys_pillar 115 | # ssh_auth_pillar: 116 | # id_rsa: "ssh_keys" 117 | # # If you prefer to keep public keys as files rather 118 | # # than inline in pillar, this works.
119 | # ssh_auth_sources: 120 | # - salt://keys/buser.id_rsa.pub 121 | # ssh_auth_sources.absent: 122 | # - salt://keys/deleteduser.id_rsa.pub # PUBLICKEY_FILE_TO_BE_REMOVED 123 | # Manage the ~/.ssh/config file 124 | ssh_known_hosts: 125 | importanthost: 126 | port: 22 127 | fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 # NOTE(review): 16 colon-separated octets is the MD5 fingerprint form, while fingerprint_hash_type in this example is sha256 — confirm the pair is consistent 128 | key: PUBLICKEY 129 | enc: ssh-rsa 130 | hash_known_hosts: true 131 | timeout: 5 132 | fingerprint_hash_type: sha256 133 | ssh_known_hosts.absent: 134 | - notimportanthost 135 | ssh_config: 136 | all: 137 | hostname: "*" 138 | options: 139 | - "StrictHostKeyChecking no" # NOTE(review): with hostname "*" and the next option, this presumably switches off host key verification for every host; suitable for a test fixture, not for a production pillar 140 | - "UserKnownHostsFile=/dev/null" 141 | importanthost: 142 | hostname: "needcheck.example.com" 143 | options: 144 | - "StrictHostKeyChecking yes" 145 | 146 | # Using gitconfig without Git installed will result in an error 147 | # https://docs.saltstack.com/en/latest/ref/states/all/salt.states.git.html: 148 | # This state module now requires git 1.6.5 (released 10 October 2009) or newer. 149 | gitconfig: 150 | user.name: B User 151 | user.email: buser@example.com 152 | "url.https://.insteadOf": "git://" 153 | 154 | gitconfig.absent: 155 | - push.default 156 | - color\..+ 157 | 158 | google_2fa: true 159 | google_auth: # one entry per service; the value looks like the content of a google-authenticator secret file (secret, option lines, scratch codes), so real values are credentials 160 | sshd: | 161 | SOMEGAUTHHASHVAL 162 | " RESETTING_TIME_SKEW 46956472+2 46991595-2 163 | " RATE_LIMIT 3 30 1415800560 164 | " DISALLOW_REUSE 47193352 165 | " TOTP_AUTH 166 | 11111111 167 | 22222222 168 | 33333333 169 | 44444444 170 | 55555555 171 | # unique: false allows the user to have a non-unique uid 172 | unique: false 173 | uid: 1001 174 | 175 | user_files: 176 | enabled: true 177 | # 'source' allows you to define an arbitrary directory to sync, 178 | # useful to use for default files.
179 | # should be a salt fileserver path either with or without 'salt://' 180 | # if not present, it defaults to 'salt://users/files/user/ 181 | source: users/files 182 | # template: jinja 183 | # You can specify octal mode for files and symlinks that will be copied. 184 | # Since version 2016.11.0 it's possible to use 'keep' for file_mode, 185 | # to preserve file original mode, thus you can save execution bit for example. 186 | file_mode: keep 187 | # You can specify octal mode for directories as well. 188 | # This won't work on Windows minions 189 | # dir_mode: 775 190 | sym_mode: 640 191 | exclude_pat: "*.gitignore" 192 | 193 | ## Absent user 194 | cuser: 195 | absent: true 196 | purge: true 197 | force: true 198 | 199 | 200 | ## Old syntax of absent_users still supported 201 | absent_users: 202 | - donald 203 | - bad_guy 204 | -------------------------------------------------------------------------------- /test/salt/pillar/vimrc.sls: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | users-formula: 5 | use_vim_formula: true 6 | 7 | users: 8 | ## Minimal required pillar values 9 | vim_user: 10 | fullname: Vim User 11 | manage_vimrc: true 12 | -------------------------------------------------------------------------------- /users/_mapdata/_mapdata.jinja: -------------------------------------------------------------------------------- 1 | # yamllint disable rule:indentation rule:line-length 2 | # {{ grains.get("osfinger", grains.os) }} 3 | --- 4 | {#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} 5 | {{ salt["slsutil.serialize"]( 6 | "yaml", 7 | map, 8 | default_flow_style=False, 9 | allow_unicode=True, 10 | ) 11 | | regex_replace("^\s+'$", "'", multiline=True) 12 | | trim 13 | }} 14 | -------------------------------------------------------------------------------- /users/_mapdata/init.sls: 
-------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=sls 3 | --- 4 | {#- Get the `tplroot` from `tpldir` #} 5 | {%- set tplroot = tpldir.split("/")[0] %} 6 | {%- from tplroot ~ "/map.jinja" import users with context %} 7 | 8 | {%- set _mapdata = { 9 | "values": users, 10 | } %} 11 | {%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} 12 | 13 | {%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} 14 | {%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} 15 | 16 | {{ tplroot }}-mapdata-dump: # writes the `users` map imported from map.jinja to a fixed file name in the temp directory chosen above 17 | file.managed: 18 | - name: {{ output_file }} # NOTE(review): no user, group or mode is set on this state, so the dump's ownership and permissions are left to Salt's defaults — confirm the map never carries sensitive values 19 | - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja 20 | - template: jinja 21 | - context: 22 | map: {{ _mapdata | yaml }} 23 | -------------------------------------------------------------------------------- /users/bashrc.sls: -------------------------------------------------------------------------------- 1 | {% from "users/map.jinja" import users with context %} 2 | include: 3 | - users 4 | # For each pillar user that is not marked absent and has manage_bashrc set, manage .bashrc in the user's home directory. 5 | {% for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %} 6 | {%- set current = salt.user.info(name) -%} 7 | {%- if user == None -%} 8 | {%- set user = {} -%} 9 | {%- endif -%} 10 | {%- set home = user.get('home', current.get('home', "/home/%s" % name)) -%} 11 | {%- set manage = user.get('manage_bashrc', False) -%} 12 | {%- if 'prime_group' in user and 'name' in user['prime_group'] %} 13 | {%- set user_group = user.prime_group.name -%} 14 | {%- else -%} 15 | {%- set user_group = name -%} 16 | {%- endif %} 17 | {%- if manage -%} 18 | users_{{ name }}_user_bashrc: 19 | file.managed: 20 | - name: {{ home }}/.bashrc 21 | - user: {{ name }} 22 | - group: {{ user_group }} 23 | - mode: '0644' 24 | - template: jinja 25 | - source: # the per-user file is listed first, the shared default second 26 | - salt://users/files/bashrc/{{ name }}/bashrc 27 | - salt://users/files/bashrc/bashrc 28 | {% endif %} 29 | {% endfor %} 30 |
-------------------------------------------------------------------------------- /users/defaults.yaml: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # vim: ft=yaml 3 | --- 4 | users-formula: 5 | use_vim_formula: false 6 | 7 | users: 8 | allow_gid_change: true 9 | createhome: true 10 | -------------------------------------------------------------------------------- /users/files/bashrc/bashrc: -------------------------------------------------------------------------------- 1 | # 2 | # ~/.bashrc 3 | # 4 | # 5 | # If not running interactively, don't do anything 6 | [[ $- != *i* ]] && return 7 | 8 | alias ls='ls --color=auto' 9 | PS1='[\u@\h \W]\$ ' 10 | -------------------------------------------------------------------------------- /users/files/profile/profile: -------------------------------------------------------------------------------- 1 | # ~/.profile: executed by the command interpreter for login shells. 2 | # This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login 3 | # exists. 4 | # see /usr/share/doc/bash/examples/startup-files for examples. 5 | # the files are located in the bash-doc package. 6 | 7 | # the default umask is set in /etc/profile; for setting the umask 8 | # for ssh logins, install and configure the libpam-umask package. 9 | #umask 022 10 | 11 | # if running bash 12 | if [ -n "$BASH_VERSION" ]; then 13 | # include .bashrc if it exists 14 | if [ -f "$HOME/.bashrc" ]; then 15 | . 
"$HOME/.bashrc" 16 | fi 17 | fi 18 | 19 | # set PATH so it includes user's private bin if it exists 20 | if [ -d "$HOME/bin" ] ; then 21 | PATH="$HOME/bin:$PATH" 22 | fi 23 | -------------------------------------------------------------------------------- /users/files/user/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/saltstack-formulas/users-formula/ed4c1f0aaa4c808960371aa1b3b2f60440f1c366/users/files/user/.keep -------------------------------------------------------------------------------- /users/files/vimrc/vimrc: -------------------------------------------------------------------------------- 1 | """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" 2 | " File managed by Salt at <{{ source }}>. 3 | " Your changes will be overwritten. 4 | """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" 5 | " 6 | {% raw -%} 7 | " URL: http://vim.wikia.com/wiki/Example_vimrc 8 | " Authors: http://vim.wikia.com/wiki/Vim_on_Freenode 9 | " Description: A minimal, but feature rich, example .vimrc. If you are a 10 | " newbie, basing your first .vimrc on this file is a good choice. 11 | " If you're a more advanced user, building your own .vimrc based 12 | " on this file is still a good idea. 13 | 14 | "------------------------------------------------------------ 15 | " Features {{{1 16 | " 17 | " These options and commands enable some very useful features in Vim, that 18 | " no user should have to live without. 19 | 20 | " Set 'nocompatible' to ward off unexpected things that your distro might 21 | " have made, as well as sanely reset options when re-sourcing .vimrc 22 | set nocompatible 23 | 24 | " Attempt to determine the type of a file based on its name and possibly its 25 | " contents. Use this to allow intelligent auto-indenting for each filetype, 26 | " and for plugins that are filetype specific. 
27 | filetype indent plugin on 28 | 29 | " Enable syntax highlighting 30 | syntax on 31 | 32 | 33 | "------------------------------------------------------------ 34 | " Must have options {{{1 35 | " 36 | " These are highly recommended options. 37 | 38 | " Vim with default settings does not allow easy switching between multiple files 39 | " in the same editor window. Users can use multiple split windows or multiple 40 | " tab pages to edit multiple files, but it is still best to enable an option to 41 | " allow easier switching between files. 42 | " 43 | " One such option is the 'hidden' option, which allows you to re-use the same 44 | " window and switch from an unsaved buffer without saving it first. Also allows 45 | " you to keep an undo history for multiple files when re-using the same window 46 | " in this way. Note that using persistent undo also lets you undo in multiple 47 | " files even in the same window, but is less efficient and is actually designed 48 | " for keeping undo history after closing Vim entirely. Vim will complain if you 49 | " try to quit without saving, and swap files will keep you safe if your computer 50 | " crashes. 51 | set hidden 52 | 53 | " Note that not everyone likes working this way (with the hidden option). 54 | " Alternatives include using tabs or split windows instead of re-using the same 55 | " window as mentioned above, and/or either of the following options: 56 | " set confirm 57 | " set autowriteall 58 | 59 | " Better command-line completion 60 | set wildmenu 61 | 62 | " Show partial commands in the last line of the screen 63 | set showcmd 64 | 65 | " Highlight searches (use to temporarily turn off highlighting; see the 66 | " mapping of below) 67 | set hlsearch 68 | 69 | " Modelines have historically been a source of security vulnerabilities. As 70 | " such, it may be a good idea to disable them and use the securemodelines 71 | " script, . 
72 | " set nomodeline 73 | 74 | 75 | "------------------------------------------------------------ 76 | " Usability options {{{1 77 | " 78 | " These are options that users frequently set in their .vimrc. Some of them 79 | " change Vim's behaviour in ways which deviate from the true Vi way, but 80 | " which are considered to add usability. Which, if any, of these options to 81 | " use is very much a personal preference, but they are harmless. 82 | 83 | " Use case insensitive search, except when using capital letters 84 | set ignorecase 85 | set smartcase 86 | 87 | " Allow backspacing over autoindent, line breaks and start of insert action 88 | set backspace=indent,eol,start 89 | 90 | " When opening a new line and no filetype-specific indenting is enabled, keep 91 | " the same indent as the line you're currently on. Useful for READMEs, etc. 92 | set autoindent 93 | 94 | " Stop certain movements from always going to the first character of a line. 95 | " While this behaviour deviates from that of Vi, it does what most users 96 | " coming from other editors would expect. 97 | set nostartofline 98 | 99 | " Display the cursor position on the last line of the screen or in the status 100 | " line of a window 101 | set ruler 102 | 103 | " Always display the status line, even if only one window is displayed 104 | set laststatus=2 105 | 106 | " Instead of failing a command because of unsaved changes, instead raise a 107 | " dialogue asking if you wish to save changed files. 108 | set confirm 109 | 110 | " Use visual bell instead of beeping when doing something wrong 111 | set visualbell 112 | 113 | " And reset the terminal code for the visual bell. If visualbell is set, and 114 | " this line is also included, vim will neither flash nor beep. If visualbell 115 | " is unset, this does nothing. 
116 | set t_vb= 117 | 118 | " Enable use of the mouse for all modes 119 | set mouse=a 120 | 121 | " Set the command window height to 2 lines, to avoid many cases of having to 122 | " "press to continue" 123 | set cmdheight=2 124 | 125 | " Display line numbers on the left 126 | set number 127 | 128 | " Quickly time out on keycodes, but never time out on mappings 129 | set notimeout ttimeout ttimeoutlen=200 130 | 131 | " Use to toggle between 'paste' and 'nopaste' 132 | set pastetoggle= 133 | 134 | 135 | "------------------------------------------------------------ 136 | " Indentation options {{{1 137 | " 138 | " Indentation settings according to personal preference. 139 | 140 | " Indentation settings for using 4 spaces instead of tabs. 141 | " Do not change 'tabstop' from its default value of 8 with this setup. 142 | set shiftwidth=4 143 | set softtabstop=4 144 | set expandtab 145 | 146 | " Indentation settings for using hard tabs for indent. Display tabs as 147 | " four characters wide. 148 | "set shiftwidth=4 149 | "set tabstop=4 150 | 151 | 152 | "------------------------------------------------------------ 153 | " Mappings {{{1 154 | " 155 | " Useful mappings 156 | 157 | " Map Y to act like D and C, i.e. 
to yank until EOL, rather than act as yy, 158 | " which is the default 159 | map Y y$ 160 | 161 | " Map (redraw screen) to also turn off search highlighting until the 162 | " next search 163 | nnoremap :nohl 164 | 165 | 166 | "------------------------------------------------------------ 167 | {%- endraw %} 168 | -------------------------------------------------------------------------------- /users/googleauth.sls: -------------------------------------------------------------------------------- 1 | # vim: sts=2 ts=2 sw=2 et ai 2 | {%- from "users/map.jinja" import users with context %} 3 | # Outside the RedHat and Suse os families: install the package named by users.googleauth_package, create users.googleauth_dir (the directory the PAM line's secret= path points into), and for each non-absent user and each service under its google_auth key put a pam_google_authenticator.so line ahead of "@include common-auth" in /etc/pam.d/<service>. 4 | {%- if not grains['os_family'] in ['RedHat', 'Suse'] %} 5 | users_googleauth-package: 6 | pkg.installed: 7 | - name: {{ users.googleauth_package }} 8 | - require: 9 | - file: {{ users.googleauth_dir }} 10 | 11 | users_{{ users.googleauth_dir }}: 12 | file.directory: 13 | - name: {{ users.googleauth_dir }} 14 | - user: root 15 | - group: {{ users.root_group }} 16 | - mode: '0600' # NOTE(review): a directory mode without the search (x) bit; root can still traverse it, but '0700' is the usual form — confirm 17 | 18 | {%- for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %} 19 | {%- if 'google_auth' in user %} 20 | {%- for svc in user['google_auth'] %} 21 | {%- if user.get('google_2fa', True) %} 22 | {%- set repl = '{0} {1} {2} {3} {4}{5}/{6}_{7} {8}\\n{9}'.format( 23 | 'auth', 24 | '[success=done new_authtok_reqd=done default=die]', 25 | 'pam_google_authenticator.so', 26 | 'user=root', 27 | 'secret=', 28 | users.googleauth_dir, 29 | '${USER}', 30 | svc, 31 | 'echo_verification_code', 32 | '@include common-auth', 33 | ) %} 34 | users_googleauth-pam-{{ svc }}-{{ name }}: # rendered once per user and service, but the file edited is the service-wide /etc/pam.d/<svc>, so the change applies to every account that uses the service 35 | file.replace: 36 | - name: /etc/pam.d/{{ svc }} 37 | - pattern: "^@include common-auth" 38 | - repl: "{{ repl }}" # NOTE(review): `success=done` ends the auth stack on a valid code and `default=die` ends it on any other result, so the "@include common-auth" line kept after it looks unreachable for auth, and accounts without a secret file presumably fail (no `nullok`) — confirm both are intended 39 | - unless: grep pam_google_authenticator.so /etc/pam.d/{{ svc }} # skips the edit as soon as the module name appears anywhere in the file 40 | - backup: .bak 41 | {%- endif %} 42 | {%- endfor %} 43 | {%- endif %} 44 | {%- endfor %} 45 | {%- endif %} 46 | --------------------------------------------------------------------------------
/users/init.sls: -------------------------------------------------------------------------------- 1 | # vim: sts=2 ts=2 sw=2 et ai 2 | {% from "users/map.jinja" import users with context %} 3 | {% set used_sudo = [] %} 4 | {% set used_googleauth = [] %} 5 | {% set used_user_files = [] %} 6 | {% set used_polkit = [] %} 7 | 8 | {% for group, setting in salt['pillar.get']('groups', {}).items() %} 9 | {% if setting.absent is defined and setting.absent or setting.get('state', "present") == 'absent' %} 10 | users_group_absent_{{ group }}: 11 | group.absent: 12 | - name: {{ group }} 13 | {% else %} 14 | users_group_present_{{ group }}: 15 | group.present: 16 | - name: {{ group }} 17 | - gid: {{ setting.get('gid', "null") }} 18 | - system: {{ setting.get('system',"False") }} 19 | - members: {{ setting.get('members')|json }} 20 | - addusers: {{ setting.get('addusers')|json }} 21 | - delusers: {{ setting.get('delusers')|json }} 22 | {% endif %} 23 | {% endfor %} 24 | 25 | {%- for name, user in pillar.get('users', {}).items() 26 | if user.absent is not defined or not user.absent %} 27 | {%- if user == None -%} 28 | {%- set user = {} -%} 29 | {%- endif -%} 30 | {%- if 'sudoonly' in user and user['sudoonly'] %} 31 | {%- set _dummy=user.update({'sudouser': True}) %} 32 | {%- endif %} 33 | {%- if 'sudouser' in user and user['sudouser'] %} 34 | {%- do used_sudo.append(1) %} 35 | {%- endif %} 36 | {%- if 'google_auth' in user %} 37 | {%- do used_googleauth.append(1) %} 38 | {%- endif %} 39 | {%- if salt['pillar.get']('users:' ~ name ~ ':user_files:enabled', False) %} 40 | {%- do used_user_files.append(1) %} 41 | {%- endif %} 42 | {%- if user.get('polkitadmin', False) == True %} 43 | {%- do used_polkit.append(1) %} 44 | {%- endif %} 45 | {%- endfor %} 46 | 47 | {%- if used_sudo or used_googleauth or used_user_files or used_polkit %} 48 | include: 49 | {%- if used_sudo %} 50 | - users.sudo 51 | {%- endif %} 52 | {%- if used_googleauth %} 53 | - users.googleauth 54 | {%- endif %} 55 | 
{%- if used_user_files %} 56 | - users.user_files 57 | {%- endif %} 58 | {%- if used_polkit %} 59 | - users.polkit 60 | {%- endif %} 61 | {%- endif %} 62 | 63 | {% for name, user in pillar.get('users', {}).items() 64 | if user.absent is not defined or not user.absent %} 65 | {%- if user == None -%} 66 | {%- set user = {} -%} 67 | {%- endif -%} 68 | {%- set current = salt.user.info(name) -%} 69 | {%- set home = user.get('home', current.get('home', "/home/%s" % name)) -%} 70 | {%- set createhome = user.get('createhome', users.get('createhome')) -%} 71 | 72 | {%- if 'prime_group' in user and 'name' in user['prime_group'] %} 73 | {%- set user_group = user.prime_group.name -%} 74 | {%- else -%} 75 | {%- set user_group = name -%} 76 | {%- endif %} 77 | 78 | {%- if not ( 'sudoonly' in user and user['sudoonly'] ) %} 79 | {% for group in user.get('groups', []) %} 80 | users_{{ name }}_{{ group }}_group: 81 | group.present: 82 | - name: {{ group }} 83 | {% if group == 'sudo' %} 84 | - system: True 85 | {% endif %} 86 | {% endfor %} 87 | 88 | {# in case home subfolder doesn't exist, create it before the user exists #} 89 | {% if createhome -%} 90 | users_{{ name }}_user_prereq: 91 | file.directory: 92 | - name: {{ salt['file.dirname'](home) }} 93 | - makedirs: True 94 | - prereq: 95 | - user: users_{{ name }}_user 96 | {%- endif %} 97 | 98 | users_{{ name }}_user: 99 | {% if createhome -%} 100 | file.directory: 101 | - name: {{ home }} 102 | - user: {{ user.get('homedir_owner', name) }} 103 | - group: {{ user.get('homedir_group', user_group) }} 104 | - mode: {{ user.get('user_dir_mode', '0750') }} 105 | - makedirs: True 106 | - require: 107 | - user: users_{{ name }}_user 108 | - group: {{ user_group }} 109 | {%- endif %} 110 | group.present: 111 | - name: {{ user_group }} 112 | {%- if 'prime_group' in user and 'gid' in user['prime_group'] %} 113 | - gid: {{ user['prime_group']['gid'] }} 114 | {%- elif 'uid' in user %} 115 | - gid: {{ user['uid'] }} 116 | {%- endif %} 117 | 
{% if 'system' in user and user['system'] %} 118 | - system: True 119 | {% endif %} 120 | user.present: 121 | - name: {{ name }} 122 | - home: {{ home }} 123 | - shell: {{ user.get('shell', current.get('shell', users.get('shell', '/bin/bash'))) }} 124 | {% if 'uid' in user -%} 125 | - uid: {{ user['uid'] }} 126 | {% endif -%} 127 | {% if 'password' in user -%} 128 | - password: '{{ user['password'] }}' 129 | {% endif -%} 130 | {% if user.get('empty_password') -%} 131 | - empty_password: {{ user.get('empty_password') }} 132 | {% endif -%} 133 | {% if 'enforce_password' in user -%} 134 | - enforce_password: {{ user['enforce_password'] }} 135 | {% endif -%} 136 | {% if 'hash_password' in user -%} 137 | - hash_password: {{ user['hash_password'] }} 138 | {% endif -%} 139 | {% if user.get('system', False) -%} 140 | - system: True 141 | {% endif -%} 142 | {% if 'prime_group' in user and 'gid' in user['prime_group'] -%} 143 | - gid: {{ user['prime_group']['gid'] }} 144 | {% elif 'prime_group' in user and 'name' in user['prime_group'] %} 145 | - gid: {{ user['prime_group']['name'] }} 146 | {% elif grains.os != 'MacOS' -%} 147 | - gid: {{ name }} 148 | {% endif -%} 149 | {% if 'fullname' in user %} 150 | - fullname: {{ user['fullname'] }} 151 | {% endif -%} 152 | {% if 'roomnumber' in user %} 153 | - roomnumber: {{ user['roomnumber'] }} 154 | {% endif %} 155 | {% if 'workphone' in user %} 156 | - workphone: {{ user['workphone'] }} 157 | {% endif %} 158 | {% if 'homephone' in user %} 159 | - homephone: {{ user['homephone'] }} 160 | {% endif %} 161 | - createhome: {{ createhome }} 162 | {% if not user.get('unique', True) %} 163 | - unique: False 164 | {% endif %} 165 | {%- if grains['saltversioninfo'] >= [2018, 3, 1] %} 166 | - allow_gid_change: {{ users.allow_gid_change if 'allow_gid_change' not in user else user['allow_gid_change'] }} 167 | {%- endif %} 168 | {% if 'expire' in user -%} 169 | {% if grains['kernel'].endswith('BSD') and 170 | user['expire'] < 157766400 %} 171 | 
{# values below 157766400 (01 Jan 1975 00:00:00 UTC, in seconds) are multiplied by 86400, i.e. read as a day count and turned into seconds #} 172 | - expire: {{ user['expire'] * 86400 }} 173 | {% elif grains['kernel'] == 'Linux' and 174 | user['expire'] > 84006 %} 175 | {# values above 84006 (the day count for 2200-01-01) are divided by 86400, i.e. read as seconds and turned into days; 2932896 days would be 9999-12-31 #} 176 | - expire: {{ (user['expire'] / 86400) | int }} 177 | {% else %} 178 | - expire: {{ user['expire'] }} 179 | {% endif %} 180 | {% endif -%} 181 | {% if 'mindays' in user %} 182 | - mindays: {{ user.get('mindays', None) }} 183 | {% endif %} 184 | {% if 'maxdays' in user %} 185 | - maxdays: {{ user.get('maxdays', None) }} 186 | {% endif %} 187 | {% if 'inactdays' in user %} 188 | - inactdays: {{ user.get('inactdays', None) }} 189 | {% endif %} 190 | {% if 'warndays' in user %} 191 | - warndays: {{ user.get('warndays', None) }} 192 | {% endif %} 193 | - remove_groups: {{ user.get('remove_groups', 'False') }} 194 | - groups: 195 | - {{ user_group }} 196 | {% for group in user.get('groups', []) -%} 197 | - {{ group }} 198 | {% endfor %} 199 | {% if 'optional_groups' in user %} 200 | - optional_groups: 201 | {% for optional_group in user['optional_groups'] -%} 202 | - {{ optional_group }} 203 | {% endfor %} 204 | {% endif %} 205 | - require: 206 | - group: {{ user_group }} 207 | {% for group in user.get('groups', []) -%} 208 | - group: {{ group }} 209 | {% endfor %} 210 | 211 | {# NOTE(review): 'ssh_keys_pillar' and 'ssh_auth_sources' are handled further down but are not in this list, so a user who sets only those gets no ~/.ssh directory managed with mode 0700 by this state — confirm #} 212 | {% if 'ssh_keys' in user or 213 | 'ssh_auth' in user or 214 | 'ssh_auth_file' in user or 215 | 'ssh_auth_pillar' in user or 216 | 'ssh_auth.absent' in user or 217 | 'ssh_config' in user %} 218 | user_keydir_{{ name }}: 219 | file.directory: 220 | - name: {{ home }}/.ssh 221 | - user: {{ name }} 222 | - group: {{ user_group }} 223 | - makedirs: True 224 | - mode: '0700' 225 | - dir_mode: '0700' 226 | - require: 227 | - user: {{ name }} 228 | - group: {{ user_group }} 229 | {%- for group in user.get('groups', []) %} 230 | - group: {{ group }} 231 | {%- endfor %} 232 | {% endif %} 233 | 234 | {% if 'ssh_keys' in user %} 235 | {% for _key in
user.ssh_keys.keys() %} 236 | {% if _key == 'privkey' %} 237 | {% set key_name = 'id_' + user.get('ssh_key_type', 'rsa') %} 238 | {% elif _key == 'pubkey' %} 239 | {% set key_name = 'id_' + user.get('ssh_key_type', 'rsa') + '.pub' %} 240 | {% else %} 241 | {% set key_name = _key %} 242 | {% endif %} 243 | users_{{ name }}_{{ key_name }}_key: 244 | file.managed: 245 | - name: {{ home }}/.ssh/{{ key_name }} 246 | - user: {{ name }} 247 | - group: {{ user_group }} 248 | {% if key_name.endswith(".pub") %} 249 | - mode: '0644' 250 | {% else %} 251 | - mode: '0600' 252 | {% endif %} 253 | - show_diff: False 254 | {%- set key_value = salt['pillar.get']('users:'+name+':ssh_keys:'+_key) %} 255 | {%- if 'salt://' in key_value[:7] %} 256 | - source: {{ key_value }} 257 | {%- else %} 258 | - contents_pillar: users:{{ name }}:ssh_keys:{{ _key }} 259 | {%- endif %} 260 | - require: 261 | - user: users_{{ name }}_user 262 | {% for group in user.get('groups', []) %} 263 | - group: users_{{ name }}_{{ group }}_group 264 | {% endfor %} 265 | {% endfor %} 266 | {% endif %} 267 | 268 | 269 | {% if 'ssh_auth_file' in user or 'ssh_auth_pillar' in user %} 270 | users_authorized_keys_{{ name }}: 271 | file.managed: 272 | - name: {{ home }}/.ssh/authorized_keys 273 | - user: {{ name }} 274 | - group: {{ user_group }} 275 | - mode: '0600' 276 | {% if 'ssh_auth_file' in user %} 277 | - contents: | 278 | {% for auth in user.ssh_auth_file -%} 279 | {{ auth }} 280 | {% endfor -%} 281 | {% else %} 282 | - contents: | 283 | {%- for key_name, pillar_name in user['ssh_auth_pillar'].items() %} 284 | {{ salt['pillar.get'](pillar_name + ':' + key_name + ':pubkey', '') }} 285 | {%- endfor %} 286 | {% endif %} 287 | {% endif %} 288 | 289 | {% if 'ssh_auth' in user %} 290 | {% for auth in user['ssh_auth'] %} 291 | users_ssh_auth_{{ name }}_{{ loop.index0 }}: 292 | ssh_auth.present: 293 | - user: {{ name }} 294 | - name: {{ auth }} 295 | - require: 296 | - file: user_keydir_{{ name }} 297 | - user: 
users_{{ name }}_user 298 | {% endfor %} 299 | {% endif %} 300 | 301 | {% if 'ssh_keys_pillar' in user %} 302 | {% for key_name, pillar_name in user['ssh_keys_pillar'].items() %} 303 | user_ssh_keys_files_{{ name }}_{{ key_name }}_private_key: 304 | file.managed: 305 | - name: {{ home }}/.ssh/{{ key_name }} 306 | - user: {{ name }} 307 | - group: {{ user_group }} 308 | - mode: '0600' 309 | - show_diff: False 310 | - contents_pillar: {{ pillar_name }}:{{ key_name }}:privkey 311 | - require: 312 | - user: users_{{ name }}_user 313 | {% for group in user.get('groups', []) %} 314 | - group: users_{{ name }}_{{ group }}_group 315 | {% endfor %} 316 | user_ssh_keys_files_{{ name }}_{{ key_name }}_public_key: 317 | file.managed: 318 | - name: {{ home }}/.ssh/{{ key_name }}.pub 319 | - user: {{ name }} 320 | - group: {{ user_group }} 321 | - mode: '0644' 322 | - show_diff: False 323 | - contents_pillar: {{ pillar_name }}:{{ key_name }}:pubkey 324 | - require: 325 | - user: users_{{ name }}_user 326 | {% for group in user.get('groups', []) %} 327 | - group: users_{{ name }}_{{ group }}_group 328 | {% endfor %} 329 | {% endfor %} 330 | {% endif %} 331 | 332 | {% if 'ssh_auth_sources' in user %} 333 | {% for pubkey_file in user['ssh_auth_sources'] %} 334 | users_ssh_auth_source_{{ name }}_{{ loop.index0 }}: 335 | ssh_auth.present: 336 | - user: {{ name }} 337 | - source: {{ pubkey_file }} 338 | - require: 339 | {% if createhome -%} 340 | - file: users_{{ name }}_user 341 | {% endif -%} 342 | - user: users_{{ name }}_user 343 | {% endfor %} 344 | {% endif %} 345 | 346 | {% if 'ssh_auth_sources.absent' in user %} 347 | {% for pubkey_file in user['ssh_auth_sources.absent'] %} 348 | users_ssh_auth_source_delete_{{ name }}_{{ loop.index0 }}: 349 | ssh_auth.absent: 350 | - user: {{ name }} 351 | - source: {{ pubkey_file }} 352 | - require: 353 | {% if createhome -%} 354 | - file: users_{{ name }}_user 355 | {% endif -%} 356 | - user: users_{{ name }}_user 357 | {% endfor %} 358 | 
{% endif %} 359 | 360 | {% if 'ssh_auth.absent' in user %} 361 | {% for auth in user['ssh_auth.absent'] %} 362 | users_ssh_auth_delete_{{ name }}_{{ loop.index0 }}: 363 | ssh_auth.absent: 364 | - user: {{ name }} 365 | - name: {{ auth }} 366 | - require: 367 | {% if createhome -%} 368 | - file: users_{{ name }}_user 369 | {% endif -%} 370 | - user: users_{{ name }}_user 371 | {% endfor %} 372 | {% endif %} 373 | 374 | {% if 'ssh_config' in user %} 375 | users_ssh_config_{{ name }}: 376 | file.managed: 377 | - name: {{ home }}/.ssh/config 378 | - user: {{ name }} 379 | - group: {{ user_group }} 380 | - mode: '0640' 381 | - contents: | 382 | # Managed by Saltstack 383 | # Do Not Edit 384 | {% for label, setting in user.ssh_config.items() %} 385 | # {{ label }} 386 | Host {{ setting.get('hostname') }} 387 | {%- for opts in setting.get('options') %} 388 | {{ opts }} 389 | {%- endfor %} 390 | {% endfor -%} 391 | {% endif %} 392 | 393 | {% if 'ssh_known_hosts' in user %} 394 | {% for hostname, host in user['ssh_known_hosts'].items() %} 395 | users_ssh_known_hosts_{{ name }}_{{ loop.index0 }}: 396 | ssh_known_hosts.present: 397 | - user: {{ name }} 398 | - name: {{ hostname }} 399 | {% if 'port' in host %} 400 | - port: {{ host['port'] }} 401 | {% endif -%} 402 | {% if 'fingerprint' in host %} 403 | - fingerprint: {{ host['fingerprint'] }} 404 | {% endif -%} 405 | {% if 'key' in host %} 406 | - key: {{ host['key'] }} 407 | {% endif -%} 408 | {% if 'enc' in host %} 409 | - enc: {{ host['enc'] }} 410 | {% endif -%} 411 | {% if 'hash_known_hosts' in host %} 412 | - hash_known_hosts: {{ host['hash_known_hosts'] }} 413 | {% endif -%} 414 | {% if 'timeout' in host %} 415 | - timeout: {{ host['timeout'] }} 416 | {% endif -%} 417 | {% if 'fingerprint_hash_type' in host %} 418 | - fingerprint_hash_type: {{ host['fingerprint_hash_type'] }} 419 | {% endif -%} 420 | {% endfor %} 421 | {% endif %} 422 | 423 | {% if 'ssh_known_hosts.absent' in user %} 424 | {% for host in 
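user['ssh_known_hosts.absent'] %}
users_ssh_known_hosts_delete_{{ name }}_{{ loop.index0 }}:
  ssh_known_hosts.absent:
    - user: {{ name }}
    - name: {{ host }}
{% endfor %}
{% endif %}
{% endif %}

{# sudo skips drop-in files whose name contains a '.', so dots in the user
   name are replaced before the name is used as a sudoers.d file name. #}
{% set sudoers_d_filename = name|replace('.','_') %}
{% if 'sudouser' in user and user['sudouser'] %}

{# Make sure the drop-in exists, owned by root with mode 0440. With
   "replace: False" the content of an existing file is left alone here. #}
users_sudoer-{{ name }}:
  file.managed:
    - replace: False
    - name: {{ users.sudoers_dir }}/{{ sudoers_d_filename }}
    - user: root
    - group: {{ users.root_group }}
    - mode: '0440'
{% if 'sudo_rules' in user or 'sudo_defaults' in user %}
#{#%
{% if 'sudo_rules' in user %}
{% for rule in user['sudo_rules'] %}
"validate {{ name }} sudo rule {{ loop.index0 }} {{ name }} {{ rule }}":
  cmd.run:
    - name: 'visudo -cf - <<<"$rule" | { read output; if [[ $output != "stdin: parsed OK" ]] ; then echo $output ; fi }'
    - stateful: True
    - shell: {{ users.visudo_shell }}
    - env:
      # Specify the rule via an env var to avoid shell quoting issues.
      - rule: "{{ name }} {{ rule }}"
    - require_in:
      - file: users_{{ users.sudoers_dir }}/{{ name }}
{% endfor %}
{% endif %}
{% if 'sudo_defaults' in user %}
{% for entry in user['sudo_defaults'] %}
"validate {{ name }} sudo Defaults {{ loop.index0 }} {{ name }} {{ entry }}":
  cmd.run:
    - name: 'visudo -cf - <<<"$rule" | { read output; if [[ $output != "stdin: parsed OK" ]] ; then echo $output ; fi }'
    - stateful: True
    - shell: {{ users.visudo_shell }}
    - env:
      # Specify the rule via an env var to avoid shell quoting issues.
      - rule: "Defaults:{{ name }} {{ entry }}"
    - require_in:
      - file: users_{{ users.sudoers_dir }}/{{ name }}
{% endfor %}
{% endif %}
#%#}

{# Write the rules and Defaults entries taken from pillar.
   check_cmd makes Salt run visudo against a temporary copy first and only
   install the file when it parses, so sudo never reads a drop-in with a
   syntax error. The cmd.run below is kept as a second check after the
   write: it removes the file again if visudo rejects it. #}
users_{{ users.sudoers_dir }}/{{ name }}:
  file.managed:
    - replace: True
    - name: {{ users.sudoers_dir }}/{{ sudoers_d_filename }}
    - check_cmd: visudo -c -f
    - contents: |
        {%- if 'sudo_defaults' in user %}
        {%- for entry in user['sudo_defaults'] %}
        Defaults:{{ name }} {{ entry }}
        {%- endfor %}
        {%- endif %}
        {%- if 'sudo_rules' in user %}
        ########################################################################
        # File managed by Salt (users-formula).
        # Your changes will be overwritten.
        ########################################################################
        #
        {%- for rule in user['sudo_rules'] %}
        {{ name }} {{ rule }}
        {%- endfor %}
        {%- endif %}
    - require:
      - file: users_sudoer-defaults
      - file: users_sudoer-{{ name }}
  cmd.run:
    - name: visudo -cf {{ users.sudoers_dir }}/{{ sudoers_d_filename }} || ( rm -rvf {{ users.sudoers_dir }}/{{ sudoers_d_filename }}; exit 1 )
    - onchanges:
      - file: {{ users.sudoers_dir }}/{{ sudoers_d_filename }}
{% endif %}
{% else %}
{# The user is not (or no longer) flagged as sudouser: drop the sudoers file. #}
users_{{ users.sudoers_dir }}/{{ sudoers_d_filename }}:
  file.absent:
    - name: {{ users.sudoers_dir }}/{{ sudoers_d_filename }}
{% endif %}

{# Per-service google-authenticator files: content comes from pillar, the
   file is root-owned with mode 0400 and is never replaced once it exists. #}
{%- if not grains['os_family'] in ['RedHat', 'Suse'] %}
{%- if 'google_auth' in user %}
{%- for svc in user['google_auth'] %}
users_googleauth-{{ svc }}-{{ name }}:
  file.managed:
    - replace: false
    - name: {{ users.googleauth_dir }}/{{ name }}_{{ svc }}
    - contents_pillar: 'users:{{ name }}:google_auth:{{ svc }}'
    - user: root
    - group: {{ users.root_group }}
    - mode: '0400'
    - require:
      - pkg: users_googleauth-package
{%- endfor %}
{%- endif %}
{%-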
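endif %}

# this doesn't work (Salt bug), therefore need to run state.apply twice
#include:
#  - users
#
#git:
#  pkg.installed:
#    - require_in:
#      - sls: users
#
{# Git settings are only managed when a git executable is found on the minion. #}
{% if salt['cmd.has_exec']('git') %}

{% if 'gitconfig' in user %}
{% for key, value in user['gitconfig'].items() %}
users_{{ name }}_user_gitconfig_{{ loop.index0 }}:
{# The state function and the "global" argument changed name with Salt 2015.8. #}
{% if grains['saltversioninfo'] >= [2015, 8, 0, 0] %}
  git.config_set:
{% else %}
  git.config:
{% endif %}
    - name: {{ key }}
    - value: "{{ value }}"
    - user: {{ name }}
{% if grains['saltversioninfo'] >= [2015, 8, 0, 0] %}
    - global: True
{% else %}
    - is_global: True
{% endif %}
{% endfor %}
{% endif %}

{% if 'gitconfig.absent' in user and grains['saltversioninfo'] >= [2015, 8, 0, 0] %}
{% for key in user.get('gitconfig.absent') %}
users_{{ name }}_user_gitconfig_absent_{{ key }}:
  git.config_unset:
    - name: '{{ key }}'
    - user: {{ name }}
    - global: True
    - all: True
{% endfor %}
{% endif %}

{% endif %}

{% endfor %}


{# Remove every account flagged "absent" in the users pillar, with its sudoers
   drop-in. The drop-in is created under the user name with '.' replaced by
   '_' (sudoers_d_filename above), so the same substitution is applied here;
   without it the sudo rules of a dotted user name would stay on disk after
   the account is removed. #}
{% for name, user in pillar.get('users', {}).items()
   if user.absent is defined and user.absent %}
users_absent_user_{{ name }}:
  user.absent:
    - name: {{ name }}
{% if 'purge' in user %}
    - purge: {{ user['purge'] }}
{% endif %}
{% if 'force' in user %}
    - force: {{ user['force'] }}
{% endif %}
users_{{ users.sudoers_dir }}/{{ name }}:
  file.absent:
    - name: {{ users.sudoers_dir }}/{{ name|replace('.','_') }}
{% endfor %}

{% for user in pillar.get('absent_users', []) %}
users_absent_user_2_{{ user }}:
  user.absent:
    - name: {{ user }}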
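{# Sudoers drop-ins are written under the user name with '.' replaced by '_';
   the same substitution is used here so the file that was actually created
   is the one removed. #}
users_2_{{ users.sudoers_dir }}/{{ user }}:
  file.absent:
    - name: {{ users.sudoers_dir }}/{{ user|replace('.','_') }}
{% endfor %}

{% for group in pillar.get('absent_groups', []) %}
users_absent_group_{{ group }}:
  group.absent:
    - name: {{ group }}
{% endfor %}

--------------------------------------------------------------------------------
/users/map.jinja:
--------------------------------------------------------------------------------
# vim: sts=2 ts=2 sw=2 et ai

{# import defaults.yaml as defaults #}
{% import_yaml 'users/defaults.yaml' as defaults %}

{# Set OS-family specific settings. The per-family map below is merged onto
   the 'users' entry of defaults.yaml, and the pillar key users-formula:lookup
   is merged onto the per-family map, so pillar values take precedence. #}
{% set users = salt['grains.filter_by'](
    defaults,
    merge=salt['grains.filter_by']({
        'MacOS': {
            'sudoers_dir': '/etc/sudoers.d',
            'sudoers_file': '/etc/sudoers',
            'googleauth_dir': '/etc/google_authenticator.d',
            'shell': '/bin/bash',
            'visudo_shell': '/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'google-authenticator-libpam',
        },
        'Debian': {
            'sudoers_dir': '/etc/sudoers.d',
            'sudoers_file': '/etc/sudoers',
            'googleauth_dir': '/etc/google_authenticator.d',
            'root_group': 'root',
            'shell': '/bin/bash',
            'visudo_shell': '/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'libpam-google-authenticator',
            'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
            'polkit_defaults': 'unix-group:sudo;'
        },
        'Gentoo': {
            'sudoers_dir': '/etc/sudoers.d',
            'sudoers_file': '/etc/sudoers',
            'googleauth_dir': '/etc/google_authenticator.d',
            'root_group': 'root',
            'shell': '/bin/bash',
            'visudo_shell': '/bin/bash',
            'bash_package': 'app-shells/bash',
            'sudo_package': 'app-admin/sudo',
            'googleauth_package': 'libpam-google-authenticator',
        },
        'FreeBSD': {
            'sudoers_dir': '/usr/local/etc/sudoers.d',
            'sudoers_file': '/usr/local/etc/sudoers',
            'googleauth_dir': '/usr/local/etc/google_authenticator.d',
            'root_group': 'wheel',
            'shell': '/bin/csh',
            'visudo_shell': '/usr/local/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'pam_google_authenticator',
        },
        'OpenBSD': {
            'sudoers_dir': '/etc/sudoers.d',
            'sudoers_file': '/etc/sudoers',
            'googleauth_dir': '/etc/google_authenticator.d',
            'root_group': 'wheel',
            'shell': '/bin/csh',
            'visudo_shell': '/usr/local/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'pam_google_authenticator',
        },
        'Solaris': {
            'sudoers_dir': '/opt/local/etc/sudoers.d',
            'sudoers_file': '/opt/local/etc/sudoers',
            'googleauth_dir': '/opt/local/etc/google_authenticator.d',
            'root_group': 'root',
            'shell': '/bin/bash',
            'visudo_shell': '/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'libpam-google-authenticator',
        },
        'default': {
            'sudoers_dir': '/etc/sudoers.d',
            'sudoers_file': '/etc/sudoers',
            'googleauth_dir': '/etc/google_authenticator.d',
            'root_group': 'root',
            'shell': '/bin/bash',
            'visudo_shell': '/bin/bash',
            'bash_package': 'bash',
            'sudo_package': 'sudo',
            'googleauth_package': 'libpam-google-authenticator',
            'polkit_dir': '/etc/polkit-1/localauthority.conf.d',
            'polkit_defaults': 'unix-group:sudo;'
        },
    }, merge=salt['pillar.get']('users-formula:lookup')),
    base='users',
) %}

{# On MacOS the map above carries no root_group: the group that owns
   /dev/console is looked up on the minion and used both as root_group and
   as prime_group. #}
{% if grains.os == 'MacOS' %}
{% set group = salt['cmd.run']("stat -f '%Sg' /dev/console") %}
{% do users.update({'root_group': group,
                    'prime_group': group}) %}
{%- endif %}
--------------------------------------------------------------------------------
/users/polkit.sls: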
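--------------------------------------------------------------------------------
{% from "users/map.jinja" import users with context %}
{# A dict is used as accumulator because a plain "set" inside the for loop
   below would not be visible after the loop ends. #}
{% set polkitusers = {'value': ''} %}

{# Collect every non-absent user flagged "polkitadmin" as a unix-user: entry. #}
{% for name, user in pillar.get('users', {}).items() %}
{% if user.absent is not defined or not user.absent %}
{% if 'polkitadmin' in user and user['polkitadmin'] %}
{% do polkitusers.update({'value': polkitusers.value + 'unix-user:' + name + ';'}) %}
{% endif %}
{% endif %}
{% endfor %}

{% if polkitusers.value != '' %}
{# This file decides who polkit treats as an administrator, so owner, group
   and mode are pinned like the sudoers and google-authenticator files of
   this formula instead of being left to whatever is already on disk. #}
users_{{ users.polkit_dir }}/99salt-users-formula.conf:
  file.managed:
    - replace: True
    - onlyif: 'test -d {{ users.polkit_dir }}'
    - name: {{ users.polkit_dir }}/99salt-users-formula.conf
    - user: root
    - group: {{ users.root_group }}
    - mode: '0644'
    - contents: |
        ########################################################################
        # File managed by Salt (users-formula).
        # Your changes will be overwritten.
        ########################################################################
        #
        [Configuration]
        AdminIdentities={{ users.polkit_defaults }}{{ polkitusers.value }}
{% else %}
{# No user is flagged polkitadmin any more: remove the override file. #}
users_{{ users.polkit_dir }}/99salt-users-formula.conf_delete:
  file.absent:
    - name: {{ users.polkit_dir }}/99salt-users-formula.conf
{% endif %}
--------------------------------------------------------------------------------
/users/profile.sls:
--------------------------------------------------------------------------------
{% from "users/map.jinja" import users with context %}
include:
  - users

{% for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %}
{%- set current = salt.user.info(name) -%}
{%- if user == None -%}
{%- set user = {} -%}
{%- endif -%}
{%- set home = user.get('home', current.get('home', "/home/%s" % name)) -%}
{%- set manage = user.get('manage_profile', False) -%}
{%- if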
'prime_group' in user and 'name' in user['prime_group'] %}
{%- set user_group = user['prime_group']['name'] -%}
{%- else -%}
{%- set user_group = name -%}
{%- endif %}
{%- if manage -%}
users_{{ name }}_user_profile:
  file.managed:
    - name: {{ home }}/.profile
    - source:
      - salt://users/files/profile/{{ name }}/profile
      - salt://users/files/profile/profile
    - template: jinja
    - user: {{ name }}
    - group: {{ user_group }}
    - mode: '0644'
{% endif %}
{% endfor %}
--------------------------------------------------------------------------------
/users/sudo.sls:
--------------------------------------------------------------------------------
# vim: sts=2 ts=2 sw=2 et ai
{% from "users/map.jinja" import users with context %}

# Ensure availability of bash
users_bash-package:
  pkg.installed:
    - name: {{ users.bash_package }}

# Install sudo once the drop-in directory exists; skipped when uname
# reports Darwin.
users_sudo-package:
  pkg.installed:
    - name: {{ users.sudo_package }}
    - unless: test "`uname`" = "Darwin"
    - require:
      - file: {{ users.sudoers_dir }}

# Directory holding the per-user sudoers files.
users_{{ users.sudoers_dir }}:
  file.directory:
    - name: {{ users.sudoers_dir }}

# Append the baseline Defaults and the include of the drop-in directory to
# the main sudoers file.
users_sudoer-defaults:
  file.append:
    - name: {{ users.sudoers_file }}
    - text:
      - Defaults env_reset
      - Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
      - '#includedir {{ users.sudoers_dir }}'
    - require:
      - pkg: users_sudo-package
--------------------------------------------------------------------------------
/users/user_files.sls:
--------------------------------------------------------------------------------
{% from "users/map.jinja" import users with context -%}

include:
  - users

{% set userfile_dirs = salt['cp.list_master_dirs'](prefix='users/files/user/') -%}
{%- for username, user in salt['pillar.get']('users', {}).items() if (user.absent is not defined or not
user.absent) -%}
{#- All per-user settings below are read from pillar under users:<username>. -#}
{%- set pillar_root = 'users:' ~ username -%}
{%- set current = salt.user.info(username) -%}
{%- set user_files = salt['pillar.get'](pillar_root ~ ':user_files', {'enabled': False}) -%}
{%- set user_group = salt['pillar.get'](pillar_root ~ ':prime_group:name', username) -%}
{%- set user_home = salt['pillar.get'](pillar_root ~ ':home', current.get('home', '/home/' ~ username)) -%}
{%- set user_files_template = salt['pillar.get'](pillar_root ~ ':user_files:template', None) -%}
{%- set user_files_file_mode = salt['pillar.get'](pillar_root ~ ':user_files:file_mode', False) -%}
{%- set user_files_dir_mode = salt['pillar.get'](pillar_root ~ ':user_files:dir_mode', False) -%}
{%- set user_files_sym_mode = salt['pillar.get'](pillar_root ~ ':user_files:sym_mode', False) -%}
{%- set user_files_exclude_pat = salt['pillar.get'](pillar_root ~ ':user_files:exclude_pat', False) -%}
{%- if user_files.enabled -%}

{#- Source: an explicit pillar value (prefixed with salt:// when it lacks the
    prefix), else the per-user directory on the master when it exists, else
    the user is skipped. -#}
{%- if user_files.source is defined -%}
  {%- set file_source = user_files.source if user_files.source.startswith('salt://') else ('salt://' ~ user.user_files.source) -%}
  {%- set skip_user = False -%}
{%- elif ('users/files/user/' ~ username) in userfile_dirs -%}
  {%- set file_source = ('salt://users/files/user/' ~ username) -%}
  {%- set skip_user = False -%}
{%- else -%}
  {%- set skip_user = True -%}
{%- endif -%}

{%- if not skip_user %}
users_userfiles_{{ username }}_recursive:
  file.recurse:
    - name: {{ user_home }}
    - source: {{ file_source }}
    - user: {{ username }}
    - group: {{ user_group }}
    {% if user_files_template -%}
    - template: {{ user_files_template }}
    {% endif -%}
    - clean: False
    {% if user_files_file_mode -%}
    - file_mode: {{ user_files_file_mode }}
    {% endif -%}
    {% if user_files_dir_mode -%}
    - dir_mode: {{ user_files_dir_mode }}
    {% endif -%}
    {% if user_files_sym_mode -%}
    - sym_mode: {{ user_files_sym_mode }}
    {% endif -%}
    {% if user_files_exclude_pat -%}
    - exclude_pat: "{{ user_files_exclude_pat }}"
    {% endif -%}
    - include_empty: True
    - keep_symlinks: True
    - require:
      - user: users_{{ username }}_user
      - file: users_{{ username }}_user
{% endif -%}

{%- endif -%}
{%- endfor -%}
--------------------------------------------------------------------------------
/users/vimrc.sls:
--------------------------------------------------------------------------------
{% from "users/map.jinja" import users with context %}

{# Only rendered when pillar users-formula:use_vim_formula is set. #}
{% if salt['pillar.get']('users-formula:use_vim_formula', False) %}

include:
  - users
  - vim

{% for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %}
{%- set current = salt.user.info(name) -%}
{%- if user == None -%}
{%- set user = {} -%}
{%- endif -%}
{%- set home = user.get('home', current.get('home', "/home/%s" % name)) -%}
{%- set manage = user.get('manage_vimrc', False) -%}
{%- set user_group = user['prime_group']['name'] if ('prime_group' in user and 'name' in user['prime_group']) else name -%}
{%- if manage -%}
users_{{ name }}_user_vimrc:
  file.managed:
    - name: {{ home }}/.vimrc
    - source:
      - salt://users/files/vimrc/{{ name }}/vimrc
      - salt://users/files/vimrc/vimrc
    - template: jinja
    - user: {{ name }}
    - group: {{ user_group }}
    - mode: '0644'
{% endif %}
{% endfor %}

{% endif %}
--------------------------------------------------------------------------------