ci: use pillars_from_directories & test/salt/pillar/top.sls

* Semi-automated using myii/ssf-formula#430

kitchen.yml

@@ -17,6 +17,8 @@ provisioner:
   salt_copy_filter:
     - .kitchen
     - .git
+  pillars_from_directories:
+    - test/salt/pillar
 
 platforms:
   ## SALT `tiamat`
@@ -307,13 +309,6 @@ suites:
             - tomcat.expires
             - tomcat.context
             - tomcat.cluster
-      pillars:
-        top.sls:
-          base:
-            '*':
-              - tomcat
-      pillars_from_files:
-        tomcat.sls: pillar.example
     verifier:
       inspec_tests:
         - path: test/integration/default

test/salt/pillar/default.sls

@@ -0,0 +1,216 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+tomcat:
+  # The Tomcat version can be overridden like so.
+  # ver: 9
+  security: 'no'
+  # The Java home directory can be overridden like so.
+  # java_home: '/usr/lib/jvm/default-java'
+
+  # Any parameter you may pass to the java app, you can pass it here,
+  # without the preceding dash. The template builds the correct JAVA_OPTS
+  # line, adding the dash.
+  # Java's parameter don't follow a pattern (that I can see), so I think it's
+  # the best way to build the string of opts.
+  java_opts:
+    - 'Djava.awt.headless=true'
+    - 'Xmx128m'
+    - 'XX:MaxPermSize=256m'
+    # Change paths to correct locations
+    - 'Dlog4j.configuration=file:/tmp/log4j.properties'
+    - 'Dlogback.configurationFile=/tmp/logback.xml'
+  jsp_compiler: javac
+  logfile_days: 14
+  logfile_compress: 1
+  authbind: 'no'
+  expires_when: '2 weeks'
+
+  # important: false for Travis CI and maybe MacOS
+  service_running: false
+
+  limit:
+    soft: 64000
+    hard: 64000
+  connectors:
+    example_connector:
+      port: 8443
+      protocol: 'org.apache.coyote.http11.Http11Protocol'
+      connectionTimeout: 20000
+      URIEncoding: 'UTF-8'
+      redirectPort: 8443
+      maxHttpHeaderSize: 8192
+      maxThreads: 150
+      minSpareThreads: 25
+      enableLookups: 'false'
+      disableUploadTimeout: 'true'
+      acceptCount: 100
+      scheme: https
+      secure: 'true'
+      clientAuth: 'false'
+      sslProtocol: TLS
+      SSLEnabled: 'false'
+      # Change to realpath before setting "SSLEnabled: 'true'"
+      keystoreFile: '/path/to/keystoreFile'
+      keystorePass: 'somerandomtext'
+  sites:
+    # unique; used as salt ID and in template as `host_name` if
+    # `name` is not declared
+    example.com:
+      # for "Host name=" in server.xml. If not declared ID declaration will be used
+      name: 'tomcat-server'
+      appBase: ../webapps/myapp
+      path: ''
+      docBase: ../webapps/myapp
+      alias: www.example.com
+      host_parameters:
+        unpackWARs: "true"
+        autoDeploy: "true"
+        deployXML: "false"
+      reloadable: "true"
+      debug: 0
+    example.net:
+      appBase: ../webapps/myapp2
+      path: ''
+      docBase: ../webapps/myapp2
+      alias: www.example.net
+      host_parameters:
+        unpackWARs: "true"
+        autoDeploy: "true"
+      reloadable: "true"
+      debug: 0
+      valves:
+        - className: org.apache.catalina.valves.AccessLogValve
+          directory: logs
+          prefix: localhost_access_log.
+          fileDateFormat: yyyy-MM-dd-HH
+          suffix: .log
+          pattern: >-
+            %h %l %u %t "%m http://%v%U %H" %s %b
+            "%{Referer}i" "%{User-Agent}i" %D
+        - className: org.apache.catalina.authenticator.SingleSignOn
+  manager:
+    # This now supports multiple user acccounts and variable roles.
+    roles:
+      - manager-gui
+      - manager-script
+      - manager-jmx
+      - manager-status
+    users:
+      saltuser1:
+        passwd: RfgpE2iQwD
+        roles: manager-gui,manager-script,manager-jmx,manager-status
+      saltuser2:
+        passwd: RfgpE2iQwD
+        # Alternatively, roles can also be a list
+        roles:
+          - manager-gui
+          - manager-script
+          - manager-jmx
+          - manager-status
+  context:
+    # Let's you define multiple elements in the global context.xml file.
+    # The state does not try to be clever about the correctness of what you add here,
+    # just iterates over the dictionary of <Elements_types> and generates entries
+    # in the file. Ie, the lines below will generate:
+    #
+    # <Environment
+    #     name="env.first"
+    #     value="first.text"
+    #     type="java.lang.String"
+    #     override="true"
+    # />
+    # <Environment
+    #     name="env.second"
+    #     value="second.value"
+    #     type="some.other.type"
+    #     override="false"
+    # />
+    # <Listener
+    #     className="org.apache.catalina.security.SecurityListener"
+    # />
+    # <Listener
+    #     className="org.apache.catalina.core.AprLifecycleListener"
+    #     SSLEngine="on"
+    # />
+    # <Resource
+    #     name="jdbc/__postgres"
+    #     auth="Container"
+    #     type="javax.sql.DataSource"
+    #     driverClassName="org.postgresql.Driver"
+    #     url="jdbc:postgresql://db.server/dbname"
+    #     username="dbuser"
+    #     password="aycaramba!"
+    #     maxActive="20"
+    #     maxIdle="10"
+    #     maxWait="-1"
+    # />
+    # <ResourceLink
+    #     name="linkToGlobalResource"
+    #     global="simpleValue"
+    #     type="java.lang.Integer"
+    # />
+
+    Environment:
+      env.first:
+        name: env.first
+        value: first.text
+        type: java.lang.String
+        override: true
+      env.second:
+        name: env.second
+        value: second.value
+        type: some.other.type
+        override: false
+    Listener:
+      first:
+        className: org.apache.catalina.security.SecurityListener
+      second:
+        className: org.apache.catalina.core.AprLifecycleListener
+        SSLEngine: 'on'
+    Resource:
+      jdbc:
+        name: jdbc/__postgres
+        auth: Container
+        type: javax.sql.DataSource
+        driverClassName: org.postgresql.Driver
+        url: jdbc:postgresql://db.server/dbname
+        user: dbuser
+        password: aycaramba!
+        maxActive: 20
+        maxIdle: 10
+        maxWait: -1
+    ResourceLink:
+      any_name_here_will_be_ignored:
+        name: linkToGlobalResource
+        global: simpleValue
+        type: java.lang.Integer
+  other_contexts:
+    # will be available at 'tomcat.conf_dir/Catalina/localhost/context'
+    'other-contexts':
+      # parameters to the context itself.
+      params:
+        docBase: /path/to/webapp
+        debug: 1
+        reloadable: 'true'
+        crossContext: 'true'
+      # elements take the same form as the default 'context' section above.
+      elements:
+        Resource:
+          jdbc:
+            name: jdbc/__postgres
+            auth: Container
+            type: javax.sql.DataSource
+            driverClassName: org.postgresql.Driver
+            url: jdbc:postgresql://db.server/dbname
+            user: dbuser
+            password: aycaramba!
+            maxActive: 20
+            maxIdle: 10
+            maxWait: -1
+
+        Resources:
+          PostResources:
+            className: org.apache.catalina.webresources.DirResourceSet
+            base: "/var/lib/tomcat8/appconfig"
+            webAppMount: "/WEB-INF/classes"

test/salt/pillar/no_MaxPermSize.sls

@@ -0,0 +1,10 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+tomcat:
+  java_opts:
+    - 'Djava.awt.headless=true'
+    - 'Xmx128m'
+    # Change paths to correct locations
+    - 'Dlog4j.configuration=file:/tmp/log4j.properties'
+    - 'Dlogback.configurationFile=/tmp/logback.xml'

test/salt/pillar/top.sls

@@ -0,0 +1,9 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+base:
+  '*':
+    - default
+  'G@osfinger:Amazon*Linux-2 or G@osfinger:Fedora*Linux-36':
+    - no_MaxPermSize
+...