Commit 6451fc6a authored by Jaymz Julian's avatar Jaymz Julian
Browse files
parents 8e27f19b 73c505b5
name: delivery
on: [push, pull_request]
jobs:
delivery:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@master
- name: Run Chef Delivery
uses: actionshub/chef-delivery@master
env:
CHEF_LICENSE: accept-no-persist
\ No newline at end of file
......@@ -37,13 +37,11 @@ doc/
# chef stuff
Berksfile.lock
.kitchen
.kitchen.local.yml
kitchen.local.yml
vendor/
.coverage/
.zero-knife.rb
Policyfile.lock.json
Cheffile.lock
.librarian/
# vagrant stuff
.vagrant/
......
dist: trusty
sudo: false
addons:
apt:
sources:
- chef-current-trusty
packages:
- chefdk
# Don't `bundle install`
install: echo "skip bundle install"
branches:
only:
- master
# Ensure we make ChefDK's Ruby the default
before_script:
- eval "$(chef shell-init bash)"
script:
- chef --version
- cookstyle --version
- foodcritic --version
- chef exec delivery local all
......@@ -2,23 +2,35 @@
This file is used to list changes made in each version of ulimit.
## 0.6.0
- Rewrote as new style custom resource
## 0.5.0
- Added a Test Kitchen config for basic testing
## 1.1.0 (03-13-2020)
- Converted `user_ulimit` resource from a legacy HWRP to a custom resource
- Added ChefSpec tests fro the `user_ulimit` resource
- Resolved failures in `ulimit_domain` resource when running on Chef Infra Client 16
- Switched testing from Travis-CI to GitHub Actions
- Resolved minor Cookstyle warnings in the metadata.rb file
- Renamed the kitchen.yml file to not be hidden
- Added a new `virt_limit` property to the `user_ulimit` resource
## 1.0.0
- Breaking change: This cookbook now requires Chef 12.7 or later
- LWRPs converted to custom resources with Chef 13 compatibility
- Added the rtprio property to the user resource
- Updated the cookbook to not append .conf onto filenames when the user already specified a name that ends in .conf
- Added a chefignore file to limit what files get uploaded to the chef server
- Added a Test Kitchen config + InSpec tests for unit testing
- Added the license file to the repo to resolve a Foodcritic warning
- Added a Berksfile
- Added a chefignore file to limit what gets uploaded to the Chef Server
- Resolved all cookstyle warnings
- Added Chefspec matchers
- Fixed the metadata license string to be an SPDX standard license string to resolve Foodcritic warnings
- Add supports, source_url, issues_url, and chef_version metadata to resolve Foodcritic warnings
- Resolved backwards compatibility check for Chef 10
- Switched the default recipe from platform to platform_family to catch more Debian/Ubuntu derivatives
- Added testing with ChefDK's delivery local mode in Travis
- Expanded the readme with better information on requirements and usage examples
- Removed ChefSpec matchers that are autogenerated by ChefSpec now
- Added Cookstyle and autocorrected all code
- Added a basic ChefSpec unit test
## 0.3.2
......
# Contributing
## Branches
### `master` branch
The master branch is the current committed changes. These changes may not yet be released although we try to release often.
## Tags
All releases are tagged in git. To see the releases available to you see the changelog or the tags directly.
## Pull requests
- <https://github.com/bmhatfield/chef-ulimit/pulls>
## Issues
Need to report an issue? Use the github issues:
- <https://github.com/bmhatfield/chef-ulimit/issues>
# ulimit Cookbook
[![Build Status](https://travis-ci.org/bmhatfield/chef-ulimit.svg?branch=master)](https://travis-ci.org/bmhatfield/chef-ulimit) [![Cookbook Version](https://img.shields.io/cookbook/v/ulimit.svg)](https://supermarket.chef.io/cookbooks/ulimit)
![delivery](https://github.com/bmhatfield/chef-ulimit/workflows/delivery/badge.svg?branch=master)
[![Cookbook Version](https://img.shields.io/cookbook/v/ulimit.svg)](https://supermarket.chef.io/cookbooks/ulimit)
This cookbook provides resources for managing ulimits configuration on nodes.
......@@ -75,6 +76,7 @@ The `user_ulimit` resource creates individual ulimit files that are installed in
- `process_soft_limit` -
- `process_hard_limit` -
- `memory_limit` -
- `virt_limit` -
- `core_limit` -
- `core_soft_limit` -
- `core_hard_limit` -
......
Please refer to
https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/TESTING.MD
......@@ -45,22 +45,19 @@ a.out
# Testing #
###########
.watchr
.rspec
spec/*
spec/fixtures/*
test/*
features/*
examples/*
Guardfile
Procfile
.kitchen*
.rubocop.yml
spec/*
Rakefile
.travis.yml
.foodcritic
.codeclimate.yml
appveyor.yml
# SCM #
#######
......@@ -92,16 +89,4 @@ Policyfile.lock.json
CONTRIBUTING*
CHANGELOG*
TESTING*
MAINTAINERS.toml
# Strainer #
############
Colanderfile
Strainerfile
.colander
.strainer
# Vagrant #
###########
.vagrant
Vagrantfile
......@@ -4,6 +4,7 @@ class Chef
class Resource
class UlimitDomain < Chef::Resource
provides :ulimit_domain
resource_name :ulimit_domain
property :domain, String
property :domain_name, String, name_property: true
property :filename, String
......@@ -36,7 +37,6 @@ class Chef
end
action :create do
seq = 0
new_resource.subresource_rules.map do |sub_resource|
sub_resource.run_context = new_resource.run_context
sub_resource.run_action(:create)
......
......@@ -3,8 +3,7 @@ maintainer 'Brian Hatfield'
maintainer_email 'bmhatfield@gmail.com'
license 'Apache-2.0'
description 'Resources for manaing ulimits'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '0.5.0'
version '1.1.0'
%w(amazon centos redhat scientific oracle fedora debian ubuntu).each do |os|
supports os
......@@ -12,4 +11,4 @@ end
source_url 'https://github.com/bmhatfield/chef-ulimit'
issues_url 'https://github.com/bmhatfield/chef-ulimit/issues'
chef_version '>= 12.7' if respond_to?(:chef_version)
chef_version '>= 12.7'
# Cookbook:: ulimit
# Recipe:: default
#
# Copyright 2012, Brightcove, Inc
# Copyright:: 2012, Brightcove, Inc
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
......@@ -17,8 +17,7 @@
#
ulimit = node['ulimit']
case node['platform_family']
when 'debian'
if platform_family?('debian')
template '/etc/pam.d/su' do
cookbook ulimit['pam_su_template_cookbook']
end
......
resource_name :user_ulimit
property :username, String, name_property: true
property :filehandle_limit, [String, Integer]
property :filehandle_soft_limit, [String, Integer]
property :filehandle_hard_limit, [String, Integer]
property :process_limit, [String, Integer]
property :process_soft_limit, [String, Integer]
property :process_hard_limit, [String, Integer]
property :memory_limit, [String, Integer]
property :core_limit, [String, Integer]
property :core_soft_limit, [String, Integer]
property :core_hard_limit, [String, Integer]
property :stack_limit, [String, Integer]
property :stack_soft_limit, [String, Integer]
property :stack_hard_limit, [String, Integer]
property :rtprio_limit, [String, Integer]
property :rtprio_soft_limit, [String, Integer]
property :rtprio_hard_limit, [String, Integer]
property :virt_limit, [String, Integer]
property :filename, String,
coerce: proc { |m| m.end_with?('.conf') ? m : m + '.conf' },
default: lazy { |r| r.username == '*' ? '00_all_limits.conf' : "#{r.username}_limits.conf" }
action :create do
template "/etc/security/limits.d/#{new_resource.filename}" do
source 'ulimit.erb'
cookbook 'ulimit'
mode '0644'
variables(
ulimit_user: new_resource.username,
filehandle_limit: new_resource.filehandle_limit,
filehandle_soft_limit: new_resource.filehandle_soft_limit,
filehandle_hard_limit: new_resource.filehandle_hard_limit,
process_limit: new_resource.process_limit,
process_soft_limit: new_resource.process_soft_limit,
process_hard_limit: new_resource.process_hard_limit,
memory_limit: new_resource.memory_limit,
core_limit: new_resource.core_limit,
core_soft_limit: new_resource.core_soft_limit,
core_hard_limit: new_resource.core_hard_limit,
stack_limit: new_resource.stack_limit,
stack_soft_limit: new_resource.stack_soft_limit,
stack_hard_limit: new_resource.stack_hard_limit,
rtprio_limit: new_resource.rtprio_limit,
rtprio_soft_limit: new_resource.rtprio_soft_limit,
rtprio_hard_limit: new_resource.rtprio_hard_limit,
virt_limit: new_resource.virt_limit
)
end
end
action :delete do
file "/etc/security/limits.d/#{new_resource.filename}" do
action :delete
end
end
require 'spec_helper'
describe 'custom resource test recipe on ubuntu 16.04' do
let(:runner) { ChefSpec::ServerRunner.new(platform: 'ubuntu', version: '16.04') }
let(:chef_run) { runner.converge('test::default') }
it 'converges successfully' do
expect { :chef_run }.to_not raise_error
end
end
require 'spec_helper'
describe 'user_ulimit resource' do
step_into :user_ulimit
platform 'ubuntu'
context 'without the filename specified' do
recipe do
user_ulimit 'tomcat' do
filehandle_soft_limit 8192
end
end
it { is_expected.to create_template('/etc/security/limits.d/tomcat_limits.conf') }
end
context 'with the filename specified and not ending in .conf' do
recipe do
user_ulimit 'tomcat' do
filename 'foo'
filehandle_soft_limit 8192
end
end
it { is_expected.to create_template('/etc/security/limits.d/foo.conf') }
end
context 'with the filename specified and ending in .conf' do
recipe do
user_ulimit 'tomcat' do
filename 'foo.conf'
filehandle_soft_limit 8192
end
end
it { is_expected.to create_template('/etc/security/limits.d/foo.conf') }
end
context 'with the username set to *' do
recipe do
user_ulimit 'tomcat' do
username '*'
filehandle_soft_limit 8192
end
end
it { is_expected.to create_template('/etc/security/limits.d/00_all_limits.conf') }
end
end
# Limits settings for <%= @ulimit_user %>
<% unless @filehandle_limit.nil? -%>
<%= @ulimit_user -%> - nofile <%= @filehandle_limit %>
<% else -%><% unless @filehandle_soft_limit.nil? -%><%= @ulimit_user -%> soft nofile <%= @filehandle_soft_limit %><% end -%>
<% unless @filehandle_hard_limit.nil? -%><%= @ulimit_user -%> hard nofile <%= @filehandle_hard_limit %><% end -%>
<% end -%>
<% unless @process_limit.nil? -%>
<%= @ulimit_user -%> - nproc <%= @process_limit %>
<% else -%><% unless @process_soft_limit.nil? -%><%= @ulimit_user -%> soft nproc <%= @process_soft_limit %><% end -%>
<% unless @process_hard_limit.nil? -%><%= @ulimit_user -%> hard nproc <%= @process_hard_limit %><% end -%>
<% end -%>
<% unless @memory_limit.nil? -%>
<%= @ulimit_user -%> - memlock <%= @memory_limit %>
<% end -%>
<% unless @core_limit.nil? -%>
<%= @ulimit_user -%> - core <%= @core_limit %>
<% else -%><% unless @core_soft_limit.nil? -%><%= @ulimit_user -%> soft core <%= @core_soft_limit %><% end -%>
<% unless @core_hard_limit.nil? -%><%= @ulimit_user -%> hard core <%= @core_hard_limit %><% end -%>
<% end -%>
<% unless @stack_limit.nil? -%>
<%= @ulimit_user -%> - stack <%= @stack_limit %>
<% else -%><% unless @stack_soft_limit.nil? -%><%= @ulimit_user -%> soft stack <%= @stack_soft_limit %><% end -%>
<% unless @stack_hard_limit.nil? -%><%= @ulimit_user -%> hard stack <%= @stack_hard_limit %><% end -%>
<% end -%>
<% unless @rtprio_limit.nil? -%>
<%= @ulimit_user -%> - rtprio <%= @rtprio_limit %>
<% else -%><% unless @rtprio_soft_limit.nil? -%><%= @ulimit_user -%> soft rtprio <%= @rtprio_soft_limit %><% end -%>
<% unless @rtprio_hard_limit.nil? -%><%= @ulimit_user -%> hard rtprio <%= @rtprio_hard_limit %><% end -%>
<% end -%>
<% unless @virt_limit.nil? -%>
<%= @ulimit_user -%> - as <%= @virt_limit %>
<% end -%>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment