diff --git a/.vib/moodle/goss/goss.yaml b/.vib/moodle/goss/goss.yaml new file mode 100644 index 000000000000..8232818bff83 --- /dev/null +++ b/.vib/moodle/goss/goss.yaml @@ -0,0 +1,11 @@ +gossfile: + # Goss tests exclusive to the current container + ../../moodle/goss/moodle.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-directories.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/moodle/goss/moodle.yaml b/.vib/moodle/goss/moodle.yaml new file mode 100644 index 000000000000..7990d196c604 --- /dev/null +++ b/.vib/moodle/goss/moodle.yaml @@ -0,0 +1,27 @@ +file: + /opt/bitnami/apache/conf/vhosts/moodle-vhost.conf: + exists: true + contains: + {{ range $rule := .Vars.apache.rules }} + - {{ $rule }} + {{ end }} + /opt/bitnami/php/etc/php.ini: + exists: true + contains: + # Checking if the php.ini keys and pqsql extension are set + - extension = pgsql + - /^memory_limit/ + - /^max_input_vars/ + /opt/bitnami/apache/conf/vhosts/moodle-https-vhost.conf: + exists: true + contains: + - "SSLEngine on" + {{ range $rule := .Vars.apache.rules }} + - {{ $rule }} + {{ end }} +group: + daemon: + exists: true +user: + daemon: + exists: true diff --git a/.vib/moodle/goss/vars.yaml b/.vib/moodle/goss/vars.yaml new file mode 100644 index 000000000000..9c78cf580bd7 --- /dev/null +++ b/.vib/moodle/goss/vars.yaml @@ -0,0 +1,31 @@ +binaries: + - apachectl + - mysql + - php + - psql + - pg_dump + - pg_restore + - pg_dumpall + - render-template +directories: + - mode: "0775" + paths: + - /bitnami/moodle + - /bitnami/moodledata + - /opt/bitnami/moodle +root_dir: /opt/bitnami +sed_in_place: + exclude_paths: + # Ignore libmoodle.sh which uses sed -i + - /opt/bitnami/scripts/libmoodle.sh +apache: + rules: + - RewriteRule "(\/vendor\/)" - [F] + - RewriteRule "(\/node_modules\/)" - [F] + - RewriteRule "(^|/)\.(?!well-known\/)" - [F] + - RewriteRule "(\/environment.xml)" - [F] + - RewriteRule "(\/install.xml)" - [F] + - RewriteRule "(\/README)" - [F] + - RewriteRule "(\/upgrade\.txt)" - [F] + - RewriteRule "(\/package\.json)" - [F] + - RewriteRule "(\/Gruntfile\.js)" - [F] diff --git a/.vib/moodle/vib-publish.json b/.vib/moodle/vib-publish.json index 8b6fe8eab4e6..58705ae73377 100644 --- a/.vib/moodle/vib-publish.json +++ b/.vib/moodle/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -33,6 +34,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "moodle/goss/goss.yaml", + "vars_file": "moodle/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-moodle" + } + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/moodle/vib-verify.json b/.vib/moodle/vib-verify.json index a34e8aee9161..a0305f87c1d4 100644 --- a/.vib/moodle/vib-verify.json +++ b/.vib/moodle/vib-verify.json @@ -3,7 +3,8 @@ "resources": { "url": "{SHA_ARCHIVE}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -29,6 +30,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "moodle/goss/goss.yaml", + "vars_file": "moodle/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-moodle" + } + } + } + }, { "action_id": "trivy", "params": {