diff --git a/.vib/common/goss/templates/check-nginx-php-fpm.yaml b/.vib/common/goss/templates/check-nginx-php-fpm.yaml new file mode 100644 index 000000000000..97fd3290b5dc --- /dev/null +++ b/.vib/common/goss/templates/check-nginx-php-fpm.yaml @@ -0,0 +1,13 @@ +######################## +# Test coverage for the nginx-php-fpm package +# Needed vars: +# - None +######################## +file: + /opt/bitnami/nginx/conf/bitnami/php-fpm.conf: + exists: true + filetype: file + contains: + - "location ~ \\.php$ {" + - "fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;" + - "include fastcgi_params;" diff --git a/.vib/wordpress-nginx/goss/goss.yaml b/.vib/wordpress-nginx/goss/goss.yaml new file mode 100644 index 000000000000..f8f990b6c662 --- /dev/null +++ b/.vib/wordpress-nginx/goss/goss.yaml @@ -0,0 +1,13 @@ +gossfile: + # Goss tests exclusive to the current container + ../../wordpress-nginx/goss/wordpress-nginx.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-directories.yaml: {} + ../../common/goss/templates/check-files.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-nginx-php-fpm.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/wordpress-nginx/goss/vars.yaml b/.vib/wordpress-nginx/goss/vars.yaml new file mode 100644 index 000000000000..718924eca175 --- /dev/null +++ b/.vib/wordpress-nginx/goss/vars.yaml @@ -0,0 +1,42 @@ +binaries: + - nginx + - mariadb + - php + - render-template + - wp +files: + - paths: + - /opt/bitnami/wordpress/wp-config.php +directories: + - mode: "0775" + paths: + - /bitnami/wordpress + - /opt/bitnami/wordpress + - /opt/bitnami/wordpress/tmp + - /opt/bitnami/wordpress/wp-content/upgrade + - /opt/bitnami/wordpress/wp-content/uploads + - /opt/bitnami/wordpress/wp-content/languages + # WP-CLI + - /opt/bitnami/wp-cli/.cache + - /opt/bitnami/wp-cli/.packages +phpmodules: +# Based on https://make.wordpress.org/hosting/handbook/server-environment/#php-extensions +# Required + - json + - mysqli +# Recommended + - curl + - dom + - exif + - fileinfo + - hash + - imagick + - mbstring + - sodium + - openssl + - pcre + - xml + - zip +# Specific from postunpack logic + - memcached +root_dir: /opt/bitnami diff --git a/.vib/wordpress-nginx/goss/wordpress-nginx.yaml b/.vib/wordpress-nginx/goss/wordpress-nginx.yaml new file mode 100644 index 000000000000..db9f1bcd6bea --- /dev/null +++ b/.vib/wordpress-nginx/goss/wordpress-nginx.yaml @@ -0,0 +1,49 @@ +command: + check-app-version: + exec: sed -nE "s/.wp_version\s*=\s*'([0-9\.]+)';/\1/p" /opt/bitnami/wordpress/wp-includes/version.php | sed -E 's/^[0-9]+\.[0-9]+$/&.0/' + exit-status: 0 + stdout: + - {{ .Env.APP_VERSION }} + # WP-CLI points to correct binaries and config file + check-wp-cli-conf: + exec: wp --info + exit-status: 0 + stdout: + - "/opt/bitnami/php/bin/php" + - "/opt/bitnami/mysql/bin/mysql" + - "/opt/bitnami/wp-cli/conf/wp-cli.yml" + check-enabled-modules: + exec: php -m + exit-status: 0 + stdout: + {{ range $module := .Vars.phpmodules }} + - "{{ $module }}" + {{ end }} +file: + # HTTP vhost should have been properly rendered + /opt/bitnami/nginx/conf/server_blocks/wordpress-server-block.conf: + exists: true + filetype: file + contains: + - /root\s+/opt/bitnami/wordpress/ + - "rewrite ^/bitnami/wordpress(/.*) $1 last;" + # HTTPs vhost should have been properly rendered + /opt/bitnami/nginx/conf/server_blocks/wordpress-https-server-block.conf: + exists: true + filetype: file + contains: + - /listen \d+ ssl/ + - /root\s+/opt/bitnami/wordpress/ + - "rewrite ^/bitnami/wordpress(/.*) $1 last;" + # WP-CLI should point to wordpress' installation path + /opt/bitnami/wp-cli/conf/wp-cli.yml: + exists: true + filetype: file + contains: + - /path.*/opt/bitnami/wordpress/ +group: + daemon: + exists: true +user: + daemon: + exists: true diff --git a/.vib/wordpress-nginx/vib-publish.json b/.vib/wordpress-nginx/vib-publish.json index 8b6fe8eab4e6..028cd2973745 100644 --- a/.vib/wordpress-nginx/vib-publish.json +++ b/.vib/wordpress-nginx/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -33,6 +34,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "wordpress-nginx/goss/goss.yaml", + "vars_file": "wordpress-nginx/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-wordpress-nginx" + } + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/wordpress-nginx/vib-verify.json b/.vib/wordpress-nginx/vib-verify.json index a34e8aee9161..851a343c21fb 100644 --- a/.vib/wordpress-nginx/vib-verify.json +++ b/.vib/wordpress-nginx/vib-verify.json @@ -3,7 +3,8 @@ "resources": { "url": "{SHA_ARCHIVE}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -29,6 +30,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "wordpress-nginx/goss/goss.yaml", + "vars_file": "wordpress-nginx/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-wordpress-nginx" + } + } + } + }, { "action_id": "trivy", "params": {