Test Kitchen is a common tool for integration testing of Chef cookbooks. Usually a combination of Vagrant&VirtualBox is used to bring up the VMs. This works well for local development setups, but what about Continuous Integration environments? You can find several approaches how cookbooks can be tested in the CI:

Well, but what about the case you want to use Vagrant&VirtualBox in the CI too? There are some reasons for this approach:

  • Maybe you can not use public cloud providers for some reasons and do not have your own on-premise cloud like OpenStack
  • Maybe you want to use the same setup/technologies in the CI and locally as you want be able to easy reproduce errors and problems

GitLab is quite often used in the enterprise environments, where restrictions on the public cloud usage may apply. GitLab has its own GitLab CI, which can be easily used for cookbook testing.

This post covers a basic GitLab CI setup with Test Kitchen and Vagrant&VirtualBox as backend.

Chef has different execution phases. Especially the compile and converge phase are important when writing cookbooks: the resources are collected in the compile phase and are executed in the converge phase.

In some special cases you might want to have dynamic resources, which are created and executed in the converge phase. The main background is that you want to react on something you known in the execution phase only.

Given a situtation where you want to cleanup configuration files, which get installed by some package during a chef run (real examples might be apache on debian or freeradius on RHEL). You can try to solve this situation like this:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
package 'freeradius'

# Our module configuration
template '/etc/raddb/mods-available/eap-tls' do
...
end

Dir.glob('/etc/raddb/mods-available/*').each do |mod_path|
  file_name = File.basename(mod_path)
  next if file_name == 'eap-tls'

  file mod_path do
    action :delete
  end
end

However this will not work: you try to glob over /etc/raddb/mods-available in the compile phase, but this path doesn’t exist as freeradius gets installed in the converge phase.

Inspec is a modern framework for infrastructure testing. It can be used as replacement for Serverspec.

Usually the inspec tests are describing a particial resource:

1
2
3
describe file('/etc/passwd') do
  its('mode') { should cmp '0644' }
end

However in some case it might be useful to use the common RSpec style with nested describe-context-it statements.

Chef Development Kit contains a chef-dk gem with chef executable. chef generate is a pretty usefull command for generation of skelettons. Per default the information like author, license or email looks like this:

1
2
3
4
5
6
$ cat testcookbook/metadata.rb
name 'testcookbook'
maintainer 'The Authors'
maintainer_email 'you@example.com'
license 'all_rights'
...

How to get your own data instead of this defaults?

Hybrid suspend is a suspend mode, where suspend-to-disk and suspend-to-ram are executed together in the same time. Its a quite usefull mode for notebooks:

  • fast wake up because of suspend-to-ram
  • no data loss in case of empty battery during the suspend

Docker docs and ACI docs decsribe the steps how to create base images from existing tarballs/folders with root file systems of distribution. If you make a deeper look, you will probably find the CentOS tarballs which are used by docker for creation of centos base images.

But how to get this root file system tree? This blogpost covers the creation of this root file system tree for CentOS and the creation of base images for Docker and Rkt.