{%- from tplroot ~ "/map.jinja" import arvados with context %}
{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %}
+{%- do arvados.cluster.Users.update({'AnonymousUserToken': arvados.cluster.tokens.anonymous_user }) if arvados.cluster.Users.AnonymousUserToken is not defined %}
+
include:
- .package
# yamllint enable rule:line-length
verifier:
inspec_tests:
+ - path: test/integration/repo
- path: test/integration/workbench
- path: test/integration/workbench2
#### shell
- arvados._mapdata
- arvados.repo
- arvados.keepstore
- # - arvados.clean
pillars:
top.sls:
base:
'*':
- arvados
pillars_from_files:
- arvados.sls: test/salt/pillar/arvados.sls
+ arvados.sls: test/salt/pillar/arvados_dev.sls
verifier:
inspec_tests:
- - path: test/integration/repo
- path: test/integration/keepstore
# See https://dev.arvados.org/issues/17150
system_root: changemesystemroottoken
management: changememanagementtoken
+ # The AnonymousUserToken can be set here or in the
+ # USers dictionary below. The latter will be used if set.
anonymous_user: changemeanonymoususertoken
### KEYS
# frozen_string_literal: true
+users_stanza = <<-USERS_STANZA
+ Users:
+ AnonymousUserToken: anonymoususertokensetinthetokensdict
+USERS_STANZA
+
api_stanza = <<-API_STANZA
API:
API_STANZA
its('content') { should include(api_stanza) }
its('content') { should include(rails_stanza) }
its('content') { should include(database_stanza) }
+ its('content') { should include(users_stanza) }
end
end
# frozen_string_literal: true
+users_stanza = <<-USERS_STANZA
+ Users:
+ AnonymousUserToken: anonymoususertokensetintheusersdict
+USERS_STANZA
+
keepstore_stanza = <<-KEEPSTORE_STANZA
Keepstore:
InternalURLs:
end
its('content') { should include(keepstore_stanza) }
its('content') { should include(volumes_stanza) }
+ its('content') { should include(users_stanza) }
end
end
# frozen_string_literal: true
+control 'arvados configuration file' do
+ title 'should not exist'
+
+ describe file('/etc/arvados/config.yml') do
+ it { should_not exist}
+ end
+end
+
control 'shellinabox configuration' do
title 'should match desired lines'
tokens:
system_root: changemesystemroottoken
management: changememanagementtoken
- anonymous_user: changemeanonymoususertoken
+ anonymous_user: anonymoususertokensetinthetokensdict
### KEYS
secrets:
user: arvados
extra_conn_params:
client_encoding: UTF8
+ # Centos7 does not enable SSL by default, so we disable
+ # it here just for testing of the formula purposes only.
+ # You should not do this in production, and should
+ # configure Postgres certificates correctly
+ {%- if grains.os_family in ('RedHat',) %}
+ sslmode: disable
+ {%- endif %}
tls:
# certificate: ''
tokens:
system_root: changemesystemroottoken
management: changememanagementtoken
- anonymous_user: changemeanonymoususertoken
### KEYS
secrets:
Root: /tmp
Users:
+ AnonymousUserToken: anonymoususertokensetintheusersdict
NewUsersAreActive: true
AutoAdminFirstUser: true
AutoSetupNewUsers: true