diff --git a/.rubocop.yml b/.rubocop.yml
index 999681bb620783a4964cdafa4f1eb3c97a1c08c5..3a1f7aa396f0c95d5f4821793dec72c8badf7f7b 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -20,6 +20,9 @@ AllCops:
- test/integration/**/serverspec/*
# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`
+Lint/EmptyWhen:
+ Exclude:
+ - test/integration/default/controls/config_spec.rb
Style/FormatStringToken:
Exclude:
- - test/integration/tomcat_install/controls/yaml_dump_spec.rb
+ - test/integration/default/controls/yaml_dump_spec.rb
diff --git a/.travis.yml b/.travis.yml
index 8d0c9aeffa2b3714358672200a76b1f61a966891..2ee34c5ab187bcebbece81fcb825fa43a7bfccfd 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -58,43 +58,42 @@ jobs:
## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
- - env: INSTANCE=tomcat-install-debian-10-master-py3
- - env: INSTANCE=tomcat-install-ubuntu-1804-master-py3
- # - env: INSTANCE=tomcat-extend-ubuntu-1804-master-py3
- # - env: INSTANCE=tomcat-install-centos-8-master-py3
- - env: INSTANCE=tomcat-install-fedora-31-master-py3
- - env: INSTANCE=tomcat-install-opensuse-leap-151-master-py3
- # - env: INSTANCE=tomcat-install-amazonlinux-2-master-py3
- # - env: INSTANCE=tomcat-install-arch-base-latest-master-py2
- # - env: INSTANCE=tomcat-install-debian-10-3000-1-py3
- # - env: INSTANCE=tomcat-install-ubuntu-1804-3000-1-py3
- # - env: INSTANCE=tomcat-install-centos-8-3000-1-py3
- # - env: INSTANCE=tomcat-install-fedora-31-3000-1-py3
- # - env: INSTANCE=tomcat-install-opensuse-leap-151-3000-1-py3
- - env: INSTANCE=tomcat-install-amazonlinux-2-3000-1-py3
- # - env: INSTANCE=tomcat-install-arch-base-latest-3000-1-py2
- # - env: INSTANCE=tomcat-install-debian-10-2019-2-py3
- - env: INSTANCE=tomcat-install-debian-9-2019-2-py3
- # - env: INSTANCE=tomcat-install-ubuntu-1804-2019-2-py3
- # - env: INSTANCE=tomcat-install-ubuntu-1604-2019-2-py3
- # - env: INSTANCE=tomcat-install-centos-8-2019-2-py3
- - env: INSTANCE=tomcat-install-centos-7-2019-2-py3
- # - env: INSTANCE=tomcat-install-fedora-31-2019-2-py3
- # - env: INSTANCE=tomcat-install-opensuse-leap-151-2019-2-py3
- # - env: INSTANCE=tomcat-install-amazonlinux-2-2019-2-py3
- # - env: INSTANCE=tomcat-install-ubuntu-1804-2019-2-py2
- # - env: INSTANCE=tomcat-install-amazonlinux-1-2019-2-py2
- # - env: INSTANCE=tomcat-install-arch-base-latest-2019-2-py2
- # - env: INSTANCE=tomcat-install-centos-7-2018-3-py3
- # - env: INSTANCE=tomcat-install-fedora-30-2018-3-py3
- # - env: INSTANCE=tomcat-install-debian-9-2018-3-py2
- # - env: INSTANCE=tomcat-install-debian-8-2018-3-py2
- # - env: INSTANCE=tomcat-install-ubuntu-1804-2018-3-py2
- # - env: INSTANCE=tomcat-install-ubuntu-1604-2018-3-py2
- # - env: INSTANCE=tomcat-install-centos-6-2018-3-py2
- # - env: INSTANCE=tomcat-install-opensuse-leap-151-2018-3-py2
- # - env: INSTANCE=tomcat-install-amazonlinux-1-2018-3-py2
- # - env: INSTANCE=tomcat-install-arch-base-latest-2018-3-py2
+ - env: INSTANCE=default-debian-10-master-py3
+ - env: INSTANCE=default-ubuntu-1804-master-py3
+ # - env: INSTANCE=default-centos-8-master-py3
+ - env: INSTANCE=default-fedora-31-master-py3
+ - env: INSTANCE=default-opensuse-leap-151-master-py3
+ # - env: INSTANCE=default-amazonlinux-2-master-py3
+ # - env: INSTANCE=default-arch-base-latest-master-py2
+ # - env: INSTANCE=default-debian-10-3000-1-py3
+ # - env: INSTANCE=default-ubuntu-1804-3000-1-py3
+ # - env: INSTANCE=default-centos-8-3000-1-py3
+ # - env: INSTANCE=default-fedora-31-3000-1-py3
+ # - env: INSTANCE=default-opensuse-leap-151-3000-1-py3
+ - env: INSTANCE=default-amazonlinux-2-3000-1-py3
+ # - env: INSTANCE=default-arch-base-latest-3000-1-py2
+ # - env: INSTANCE=default-debian-10-2019-2-py3
+ - env: INSTANCE=default-debian-9-2019-2-py3
+ # - env: INSTANCE=default-ubuntu-1804-2019-2-py3
+ # - env: INSTANCE=default-ubuntu-1604-2019-2-py3
+ # - env: INSTANCE=default-centos-8-2019-2-py3
+ - env: INSTANCE=default-centos-7-2019-2-py3
+ # - env: INSTANCE=default-fedora-31-2019-2-py3
+ # - env: INSTANCE=default-opensuse-leap-151-2019-2-py3
+ # - env: INSTANCE=default-amazonlinux-2-2019-2-py3
+ # - env: INSTANCE=default-ubuntu-1804-2019-2-py2
+ # - env: INSTANCE=default-amazonlinux-1-2019-2-py2
+ # - env: INSTANCE=default-arch-base-latest-2019-2-py2
+ # - env: INSTANCE=default-centos-7-2018-3-py3
+ # - env: INSTANCE=default-fedora-30-2018-3-py3
+ # - env: INSTANCE=default-debian-9-2018-3-py2
+ - env: INSTANCE=default-debian-8-2018-3-py2
+ # - env: INSTANCE=default-ubuntu-1804-2018-3-py2
+ # - env: INSTANCE=default-ubuntu-1604-2018-3-py2
+ # - env: INSTANCE=default-centos-6-2018-3-py2
+ # - env: INSTANCE=default-opensuse-leap-151-2018-3-py2
+ # - env: INSTANCE=default-amazonlinux-1-2018-3-py2
+ # - env: INSTANCE=default-arch-base-latest-2018-3-py2
## Define the release stage that runs `semantic-release`
- stage: 'release'
diff --git a/docs/README.rst b/docs/README.rst
index 41e0af9e1f24df8cb09b69ffd088cf3ebeea77aa..c26ce8025d9524256f365a88e4eef12ab341146c 100644
--- a/docs/README.rst
+++ b/docs/README.rst
@@ -84,12 +84,12 @@ Configures Tomcat name-based virtual hosts using data from Pillar.
``tomcat.expires``
^^^^^^^^^^^^^^^^^^
-Configures Tomcat simple TCP cluster using data from Pillar.
+Enables Tomcats' ExpiresFilter using data from Pillar.
``tomcat.cluster``
^^^^^^^^^^^^^^^^^^
-Enables Tomcats' ExpiresFilter using data from Pillar.
+Configures Tomcat simple TCP cluster using data from Pillar.
``tomcat.context``
^^^^^^^^^^^^^^^^^^
diff --git a/kitchen.yml b/kitchen.yml
index 4dc8824367f17b86ff7960906ad5a994b5a0356b..2c3e37000e89a71ad0e5ce9bd97eaa005506e553 100644
--- a/kitchen.yml
+++ b/kitchen.yml
@@ -173,28 +173,15 @@ verifier:
- cli
suites:
- - name: tomcat_install
+ - name: default
provisioner:
state_top:
base:
'*':
- tomcat.yaml_dump
- tomcat
- pillars:
- top.sls:
- base:
- '*':
- - tomcat
- pillars_from_files:
- tomcat.sls: pillar.example
- verifier:
- inspec_tests:
- - path: test/integration/tomcat_install
- - name: tomcat_extend
- provisioner:
- state_top:
- base:
- '*':
+ - tomcat.native
+ - tomcat.config
- tomcat.manager
- tomcat.vhosts
- tomcat.expires
@@ -207,6 +194,9 @@ suites:
- tomcat
pillars_from_files:
tomcat.sls: pillar.example
+ dependencies:
+ - name: comparison_files
+ path: ./test/salt
verifier:
inspec_tests:
- - path: test/integration/tomcat_extend
+ - path: test/integration/default
diff --git a/test/integration/tomcat_extend/README.md b/test/integration/default/README.md
similarity index 72%
rename from test/integration/tomcat_extend/README.md
rename to test/integration/default/README.md
index c0f5e1b448bbaaae04409797f9afc32b5beab15b..37cf963c3f4f691c03ad64220d79986891420116 100644
--- a/test/integration/tomcat_extend/README.md
+++ b/test/integration/default/README.md
@@ -1,16 +1,16 @@
-# InSpec Profile: `tomcat_extend`
+# InSpec Profile: `default`
-This shows the implementation of the `tomcat_extend` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
## Verify a profile
InSpec ships with built-in features to verify a profile structure.
```bash
-$ inspec check tomcat_extend
+$ inspec check default
Summary
-------
-Location: tomcat_extend
+Location: default
Profile: profile
Controls: 4
Timestamp: 2019-06-24T23:09:01+00:00
@@ -28,7 +28,7 @@ Warnings
To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
```bash
-$ inspec exec tomcat_extend
+$ inspec exec default
..
Finished in 0.0025 seconds (files took 0.12449 seconds to load)
@@ -40,7 +40,7 @@ Finished in 0.0025 seconds (files took 0.12449 seconds to load)
To run one control from the profile use `inspec exec /path/to/profile --controls name`.
```bash
-$ inspec exec tomcat_extend --controls package
+$ inspec exec default --controls package
.
Finished in 0.0025 seconds (files took 0.12449 seconds to load)
diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb
new file mode 100644
index 0000000000000000000000000000000000000000..09ef4492d31885663f87fedc96665809908d36f8
--- /dev/null
+++ b/test/integration/default/controls/config_spec.rb
@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+# Prepare platform "finger" and base path to file comparison directory
+platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}"
+comparison_files_dir = '/tmp/kitchen/srv/salt/comparison_files'
+
+# Default values for `control 'Tomcat main config'`
+main_config_file = '/etc/sysconfig/tomcat'
+# Default values for `control 'Tomcat Catalina temp dir'`
+catalina_tmpdir = '/var/cache/tomcat/temp'
+catalina_tmpdir_user_and_group = 'tomcat'
+# Default values for `control 'Tomcat `server.xml` config'`
+conf_dir = '/etc/tomcat'
+server_xml_user_and_group = 'tomcat'
+
+# Override by platform
+case platform[:family]
+when 'debian'
+ main_config_file = '/etc/default/tomcat8'
+ catalina_tmpdir = '/var/cache/tomcat8/temp'
+ catalina_tmpdir_user_and_group = 'tomcat8'
+ conf_dir = '/etc/tomcat8'
+ server_xml_user_and_group = 'tomcat8'
+ case platform_finger
+ when 'debian-10'
+ main_config_file = '/etc/default/tomcat9'
+ catalina_tmpdir = '/var/cache/tomcat9/temp'
+ catalina_tmpdir_user_and_group = 'tomcat'
+ conf_dir = '/etc/tomcat9'
+ server_xml_user_and_group = 'tomcat'
+ when 'debian-9'
+ when 'debian-8'
+ main_config_file = '/etc/default/tomcat7'
+ catalina_tmpdir = '/var/cache/tomcat7/temp'
+ catalina_tmpdir_user_and_group = 'tomcat7'
+ conf_dir = '/etc/tomcat7'
+ server_xml_user_and_group = 'tomcat7'
+ when 'ubuntu-18'
+ when 'ubuntu-16'
+ end
+when 'redhat'
+ case platform_finger
+ when 'centos-8'
+ when 'centos-7'
+ when 'centos-6'
+ when 'amazon-2'
+ when 'amazon-2018'
+ end
+when 'fedora'
+ case platform_finger
+ when 'fedora-31'
+ when 'fedora-30'
+ end
+when 'suse'
+ case platform_finger
+ when 'opensuse-15'
+ server_xml_user_and_group = 'root'
+ end
+when 'linux'
+ case platform_finger
+ when 'arch-5'
+ end
+end
+
+control 'Tomcat main config' do
+ title 'should contain the lines'
+
+ # Prepare comparison file
+ main_config_path = "#{comparison_files_dir}/main_config/#{platform_finger}"
+ main_config = file(main_config_path).content
+
+ describe file(main_config_file) do
+ it { should be_file }
+ it { should be_owned_by 'root' }
+ it { should be_grouped_into 'root' }
+ its('mode') { should cmp '0644' }
+ its('content') { should include main_config }
+ end
+end
+
+control 'Tomcat Catalina temp dir' do
+ title 'should be prepared with the settings'
+
+ describe file(catalina_tmpdir) do
+ it { should be_directory }
+ it { should be_owned_by catalina_tmpdir_user_and_group }
+ it { should be_grouped_into catalina_tmpdir_user_and_group }
+ its('mode') { should cmp '0755' }
+ end
+end
+
+control 'Tomcat `server.xml` config' do
+ title 'should contain the lines'
+
+ server_xml_file = "#{conf_dir}/server.xml"
+ server_xml_path = "#{comparison_files_dir}/server_xml/#{platform_finger}.xml"
+ server_xml = file(server_xml_path).content
+ # Need the hostname to be used for `tomcat.cluster`
+ server_xml = server_xml.gsub(
+ 'HOSTNAME_PLACEHOLDER',
+ file('/etc/hostname').content.chomp
+ )
+
+ describe file(server_xml_file) do
+ it { should be_file }
+ it { should be_owned_by server_xml_user_and_group }
+ it { should be_grouped_into server_xml_user_and_group }
+ its('mode') { should cmp '0644' }
+ unless %w[debian-9].include?(platform_finger)
+ its('content') { should include server_xml }
+ end
+ end
+end
diff --git a/test/integration/tomcat_install/controls/packages_spec.rb b/test/integration/default/controls/packages_spec.rb
similarity index 61%
rename from test/integration/tomcat_install/controls/packages_spec.rb
rename to test/integration/default/controls/packages_spec.rb
index 2a93d78ea169c11a89929e6b58be60d703130864..800a43c8fe7b6e84615f542aa892517fd6a6b860 100644
--- a/test/integration/tomcat_install/controls/packages_spec.rb
+++ b/test/integration/default/controls/packages_spec.rb
@@ -1,5 +1,8 @@
# frozen_string_literal: true
+# Prepare platform "finger"
+platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}"
+
control 'Tomcat packages' do
title 'should be installed'
@@ -7,11 +10,13 @@ control 'Tomcat packages' do
packages =
case platform[:family]
when 'debian'
- case platform[:release]
- when /^10/
+ case platform_finger
+ when 'debian-10'
%w[tomcat9 haveged]
- else
+ when 'debian-9', 'ubuntu-18', 'ubuntu-16'
%w[tomcat8 haveged]
+ when 'debian-8'
+ %w[tomcat7 haveged]
end
when 'redhat', 'fedora', 'suse'
%w[tomcat]
diff --git a/test/integration/tomcat_install/controls/services_spec.rb b/test/integration/default/controls/services_spec.rb
similarity index 67%
rename from test/integration/tomcat_install/controls/services_spec.rb
rename to test/integration/default/controls/services_spec.rb
index 32b814de24a832fbbcd02f9eb36f9738d885a0f0..942367cefbf9c7d80bc296a0d0a826748b8f2404 100644
--- a/test/integration/tomcat_install/controls/services_spec.rb
+++ b/test/integration/default/controls/services_spec.rb
@@ -1,5 +1,8 @@
# frozen_string_literal: true
+# Prepare platform "finger"
+platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}"
+
control 'Tomcat services' do
impact 0.5
title 'should be installed, enabled and running'
@@ -8,11 +11,13 @@ control 'Tomcat services' do
services =
case platform[:family]
when 'debian'
- case platform[:release]
- when /^10/
+ case platform_finger
+ when 'debian-10'
%w[tomcat9 haveged]
- else
+ when 'debian-9', 'ubuntu-18', 'ubuntu-16'
%w[tomcat8 haveged]
+ when 'debian-8'
+ %w[tomcat7 haveged]
end
when 'redhat', 'fedora', 'suse'
%w[tomcat]
diff --git a/test/integration/tomcat_install/controls/yaml_dump_spec.rb b/test/integration/default/controls/yaml_dump_spec.rb
similarity index 95%
rename from test/integration/tomcat_install/controls/yaml_dump_spec.rb
rename to test/integration/default/controls/yaml_dump_spec.rb
index 477fff9bbd810efcc4ca950a0ac3ef5d7e19d32f..22181d89bb9058351630b0937655951f5dd56cff 100644
--- a/test/integration/tomcat_install/controls/yaml_dump_spec.rb
+++ b/test/integration/default/controls/yaml_dump_spec.rb
@@ -1,5 +1,8 @@
# frozen_string_literal: true
+# Prepare platform "finger"
+platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}"
+
control 'Tomcat `map.jinja` YAML dump' do
title 'should contain the lines'
@@ -7,8 +10,8 @@ control 'Tomcat `map.jinja` YAML dump' do
yaml_dump +=
case platform[:family]
when 'debian'
- case platform[:release]
- when /^10/
+ case platform_finger
+ when 'debian-10'
conf_dir = '/etc/tomcat9'
group = 'tomcat'
main_config = '/etc/default/tomcat9'
@@ -21,7 +24,7 @@ control 'Tomcat `map.jinja` YAML dump' do
catalina_home = '/usr/share/tomcat9'
catalina_pid = '/var/run/tomcat9.pid'
catalina_tmpdir = '/var/cache/tomcat9/temp'
- else
+ when 'debian-9', 'ubuntu-18', 'ubuntu-16'
conf_dir = '/etc/tomcat8'
group = 'tomcat8'
main_config = '/etc/default/tomcat8'
@@ -34,6 +37,19 @@ control 'Tomcat `map.jinja` YAML dump' do
catalina_home = '/usr/share/tomcat8'
catalina_pid = '/var/run/tomcat8.pid'
catalina_tmpdir = '/var/cache/tomcat8/temp'
+ when 'debian-8'
+ conf_dir = '/etc/tomcat7'
+ group = 'tomcat7'
+ main_config = '/etc/default/tomcat7'
+ manager_pkg = 'tomcat7-admin'
+ pkg = 'tomcat7'
+ service = 'tomcat7'
+ user = 'tomcat7'
+ ver = 7
+ catalina_base = '/var/lib/tomcat7'
+ catalina_home = '/usr/share/tomcat7'
+ catalina_pid = '/var/run/tomcat7.pid'
+ catalina_tmpdir = '/var/cache/tomcat7/temp'
end
<<~YAML_DUMP.chomp
arch: amd64
@@ -209,6 +225,12 @@ control 'Tomcat `map.jinja` YAML dump' do
with_haveged: true
YAML_DUMP
when 'redhat', 'fedora'
+ case platform[:family]
+ when 'redhat'
+ ver = 7
+ when 'fedora'
+ ver = 9
+ end
<<~YAML_DUMP.chomp
arch: amd64
authbind: 'no'
@@ -379,7 +401,7 @@ control 'Tomcat `map.jinja` YAML dump' do
"%{User-Agent}i" %D'
- className: org.apache.catalina.authenticator.SingleSignOn
user: tomcat
- ver: 7
+ ver: #{ver}
with_haveged: false
YAML_DUMP
when 'suse'
diff --git a/test/integration/tomcat_install/inspec.yml b/test/integration/default/inspec.yml
similarity index 95%
rename from test/integration/tomcat_install/inspec.yml
rename to test/integration/default/inspec.yml
index f7a8285e6f7bc753ad3a031ba3365df2782ce42f..efbfb006adc4dc66b2fcf39084a055dae8b41413 100644
--- a/test/integration/tomcat_install/inspec.yml
+++ b/test/integration/default/inspec.yml
@@ -1,7 +1,7 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
-name: tomcat_install
+name: default
title: tomcat formula
maintainer: SaltStack Formulas
license: Apache-2.0
diff --git a/test/integration/tomcat_extend/inspec.yml b/test/integration/tomcat_extend/inspec.yml
deleted file mode 100644
index 886f4086ecdb1ba6d0a265a5c210a723e6358cc1..0000000000000000000000000000000000000000
--- a/test/integration/tomcat_extend/inspec.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-# -*- coding: utf-8 -*-
-# vim: ft=yaml
----
-name: tomcat_extend
-title: tomcat formula
-maintainer: SaltStack Formulas
-license: Apache-2.0
-summary: Verify that the extended tomcat configuration takes place correctly
-supports:
- - platform-name: debian
- - platform-name: ubuntu
- - platform-name: centos
- - platform-name: fedora
- - platform-name: opensuse
- - platform-name: suse
- - platform-name: freebsd
- - platform-name: amazon
- - platform-name: arch
diff --git a/test/integration/tomcat_install/README.md b/test/integration/tomcat_install/README.md
deleted file mode 100644
index 2f6c6d9b4f66169e78925a46d00b53c3dfe82478..0000000000000000000000000000000000000000
--- a/test/integration/tomcat_install/README.md
+++ /dev/null
@@ -1,50 +0,0 @@
-# InSpec Profile: `tomcat_install`
-
-This shows the implementation of the `tomcat_install` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
-
-## Verify a profile
-
-InSpec ships with built-in features to verify a profile structure.
-
-```bash
-$ inspec check tomcat_install
-Summary
--------
-Location: tomcat_install
-Profile: profile
-Controls: 4
-Timestamp: 2019-06-24T23:09:01+00:00
-Valid: true
-
-Errors
-------
-
-Warnings
---------
-```
-
-## Execute a profile
-
-To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
-
-```bash
-$ inspec exec tomcat_install
-..
-
-Finished in 0.0025 seconds (files took 0.12449 seconds to load)
-8 examples, 0 failures
-```
-
-## Execute a specific control from a profile
-
-To run one control from the profile use `inspec exec /path/to/profile --controls name`.
-
-```bash
-$ inspec exec tomcat_install --controls package
-.
-
-Finished in 0.0025 seconds (files took 0.12449 seconds to load)
-1 examples, 0 failures
-```
-
-See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).
diff --git a/test/salt/comparison_files/main_config/amazon-2 b/test/salt/comparison_files/main_config/amazon-2
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c78f24348cec8a59b676fa867c3089e3209e9
--- /dev/null
+++ b/test/salt/comparison_files/main_config/amazon-2
@@ -0,0 +1,67 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# # Modify the values passed to the tomcat pillar instead.
+
+# Service-specific configuration file for tomcat. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat/tomcat.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+JAVA_HOME=/usr/lib/jvm/jre
+
+CATALINA_BASE="/usr/share/tomcat"
+
+CATALINA_HOME="/usr/share/tomcat"
+
+CATALINA_TMPDIR="/var/cache/tomcat/temp"
+
+CATALINA_PID="/var/run/tomcat.pid"
+
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+#if CLASSPATH is defined in JAVA_OPTS it may no longer munge with the default CLASSPATH
+#replace and customize if necessary
+#CLASSPATH=/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER=tomcat
+
+# What group should run tomcat
+TOMCAT_GROUP=tomcat
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+SECURITY_MANAGER="false"
+
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Connector port is 8080 for this tomcat instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
diff --git a/test/salt/comparison_files/main_config/centos-7 b/test/salt/comparison_files/main_config/centos-7
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c78f24348cec8a59b676fa867c3089e3209e9
--- /dev/null
+++ b/test/salt/comparison_files/main_config/centos-7
@@ -0,0 +1,67 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# # Modify the values passed to the tomcat pillar instead.
+
+# Service-specific configuration file for tomcat. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat/tomcat.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+JAVA_HOME=/usr/lib/jvm/jre
+
+CATALINA_BASE="/usr/share/tomcat"
+
+CATALINA_HOME="/usr/share/tomcat"
+
+CATALINA_TMPDIR="/var/cache/tomcat/temp"
+
+CATALINA_PID="/var/run/tomcat.pid"
+
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+#if CLASSPATH is defined in JAVA_OPTS it may no longer munge with the default CLASSPATH
+#replace and customize if necessary
+#CLASSPATH=/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER=tomcat
+
+# What group should run tomcat
+TOMCAT_GROUP=tomcat
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+SECURITY_MANAGER="false"
+
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Connector port is 8080 for this tomcat instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
diff --git a/test/salt/comparison_files/main_config/debian-10 b/test/salt/comparison_files/main_config/debian-10
new file mode 100644
index 0000000000000000000000000000000000000000..a63ac75939708179e0f7445b2fbfd228035f7239
--- /dev/null
+++ b/test/salt/comparison_files/main_config/debian-10
@@ -0,0 +1,58 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT9_USER=tomcat
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT9_GROUP=tomcat
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat9"
+CATALINA_HOME="/usr/share/tomcat9"
+CATALINA_TMPDIR="/var/cache/tomcat9/temp"
+CATALINA_PID="/var/run/tomcat9.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT9_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
diff --git a/test/salt/comparison_files/main_config/debian-8 b/test/salt/comparison_files/main_config/debian-8
new file mode 100644
index 0000000000000000000000000000000000000000..21953294ab6ee82df87055197f9ac2fc65c65c7f
--- /dev/null
+++ b/test/salt/comparison_files/main_config/debian-8
@@ -0,0 +1,60 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT7_USER=tomcat7
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT7_GROUP=tomcat7
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat7"
+CATALINA_HOME="/usr/share/tomcat7"
+CATALINA_TMPDIR="/var/cache/tomcat7/temp"
+CATALINA_PID="/var/run/tomcat7.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT7_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
+
+
diff --git a/test/salt/comparison_files/main_config/debian-9 b/test/salt/comparison_files/main_config/debian-9
new file mode 100644
index 0000000000000000000000000000000000000000..7ac21445df05400c9a91698af0fc21e766efdb5d
--- /dev/null
+++ b/test/salt/comparison_files/main_config/debian-9
@@ -0,0 +1,58 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT8_USER=tomcat8
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT8_GROUP=tomcat8
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat8"
+CATALINA_HOME="/usr/share/tomcat8"
+CATALINA_TMPDIR="/var/cache/tomcat8/temp"
+CATALINA_PID="/var/run/tomcat8.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT8_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
diff --git a/test/salt/comparison_files/main_config/fedora-31 b/test/salt/comparison_files/main_config/fedora-31
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c78f24348cec8a59b676fa867c3089e3209e9
--- /dev/null
+++ b/test/salt/comparison_files/main_config/fedora-31
@@ -0,0 +1,67 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# # Modify the values passed to the tomcat pillar instead.
+
+# Service-specific configuration file for tomcat. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat/tomcat.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+JAVA_HOME=/usr/lib/jvm/jre
+
+CATALINA_BASE="/usr/share/tomcat"
+
+CATALINA_HOME="/usr/share/tomcat"
+
+CATALINA_TMPDIR="/var/cache/tomcat/temp"
+
+CATALINA_PID="/var/run/tomcat.pid"
+
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+#if CLASSPATH is defined in JAVA_OPTS it may no longer munge with the default CLASSPATH
+#replace and customize if necessary
+#CLASSPATH=/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER=tomcat
+
+# What group should run tomcat
+TOMCAT_GROUP=tomcat
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+SECURITY_MANAGER="false"
+
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Connector port is 8080 for this tomcat instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
diff --git a/test/salt/comparison_files/main_config/opensuse-15 b/test/salt/comparison_files/main_config/opensuse-15
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c78f24348cec8a59b676fa867c3089e3209e9
--- /dev/null
+++ b/test/salt/comparison_files/main_config/opensuse-15
@@ -0,0 +1,67 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# # Modify the values passed to the tomcat pillar instead.
+
+# Service-specific configuration file for tomcat. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat/tomcat.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+JAVA_HOME=/usr/lib/jvm/jre
+
+CATALINA_BASE="/usr/share/tomcat"
+
+CATALINA_HOME="/usr/share/tomcat"
+
+CATALINA_TMPDIR="/var/cache/tomcat/temp"
+
+CATALINA_PID="/var/run/tomcat.pid"
+
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+#if CLASSPATH is defined in JAVA_OPTS it may no longer munge with the default CLASSPATH
+#replace and customize if necessary
+#CLASSPATH=/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER=tomcat
+
+# What group should run tomcat
+TOMCAT_GROUP=tomcat
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+SECURITY_MANAGER="false"
+
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Connector port is 8080 for this tomcat instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
diff --git a/test/salt/comparison_files/main_config/ubuntu-16 b/test/salt/comparison_files/main_config/ubuntu-16
new file mode 100644
index 0000000000000000000000000000000000000000..7ac21445df05400c9a91698af0fc21e766efdb5d
--- /dev/null
+++ b/test/salt/comparison_files/main_config/ubuntu-16
@@ -0,0 +1,58 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT8_USER=tomcat8
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT8_GROUP=tomcat8
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat8"
+CATALINA_HOME="/usr/share/tomcat8"
+CATALINA_TMPDIR="/var/cache/tomcat8/temp"
+CATALINA_PID="/var/run/tomcat8.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT8_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
diff --git a/test/salt/comparison_files/main_config/ubuntu-18 b/test/salt/comparison_files/main_config/ubuntu-18
new file mode 100644
index 0000000000000000000000000000000000000000..7ac21445df05400c9a91698af0fc21e766efdb5d
--- /dev/null
+++ b/test/salt/comparison_files/main_config/ubuntu-18
@@ -0,0 +1,58 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT8_USER=tomcat8
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT8_GROUP=tomcat8
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat8"
+CATALINA_HOME="/usr/share/tomcat8"
+CATALINA_TMPDIR="/var/cache/tomcat8/temp"
+CATALINA_PID="/var/run/tomcat8.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT8_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
diff --git a/test/salt/comparison_files/server_xml/amazon-2.xml b/test/salt/comparison_files/server_xml/amazon-2.xml
new file mode 100644
index 0000000000000000000000000000000000000000..fd7be24fd3e371b84375bc32eb2800dfd54d6824
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/amazon-2.xml
@@ -0,0 +1,173 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost" jvmRoute="HOSTNAME_PLACEHOLDER">
+
+ <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8">
+ <Manager className="org.apache.catalina.ha.session.DeltaManager" expireSessionsOnShutdown="false" notifyListenersOnReplication="true"/>
+ <Channel className="org.apache.catalina.tribes.group.GroupChannel">
+ <Membership className="org.apache.catalina.tribes.membership.McastService" address="228.0.0.4" port="45564" frequency="500" dropTime="3000"/>
+ <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
+ <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
+ </Sender>
+
+ <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver" address="auto" port="4000" autoBind="100" selectorTimeout="5000" maxThreads="6"/>
+
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
+
+ </Channel>
+ <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
+ <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
+
+
+ <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
+
+ <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
+ </Cluster>
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/centos-7.xml b/test/salt/comparison_files/server_xml/centos-7.xml
new file mode 100644
index 0000000000000000000000000000000000000000..fd7be24fd3e371b84375bc32eb2800dfd54d6824
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/centos-7.xml
@@ -0,0 +1,173 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost" jvmRoute="HOSTNAME_PLACEHOLDER">
+
+ <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8">
+ <Manager className="org.apache.catalina.ha.session.DeltaManager" expireSessionsOnShutdown="false" notifyListenersOnReplication="true"/>
+ <Channel className="org.apache.catalina.tribes.group.GroupChannel">
+ <Membership className="org.apache.catalina.tribes.membership.McastService" address="228.0.0.4" port="45564" frequency="500" dropTime="3000"/>
+ <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
+ <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
+ </Sender>
+
+ <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver" address="auto" port="4000" autoBind="100" selectorTimeout="5000" maxThreads="6"/>
+
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
+
+ </Channel>
+ <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
+ <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
+
+
+ <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
+
+ <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
+ </Cluster>
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/debian-10.xml b/test/salt/comparison_files/server_xml/debian-10.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/debian-10.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/debian-8.xml b/test/salt/comparison_files/server_xml/debian-8.xml
new file mode 100644
index 0000000000000000000000000000000000000000..2e67370404a538bd9475fdc6258f852034220fe3
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/debian-8.xml
@@ -0,0 +1,173 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ sslProtocol="TLS"
+ maxThreads="150"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ secure="true"
+ enableLookups="false"
+ clientAuth="false"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ redirectPort="8443"
+ URIEncoding="UTF-8"
+ minSpareThreads="25"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ keystorePass="somerandomtext"
+ connectionTimeout="20000"
+ scheme="https"
+ maxHttpHeaderSize="8192"
+ port="8443"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost" jvmRoute="HOSTNAME_PLACEHOLDER">
+
+ <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8">
+ <Manager className="org.apache.catalina.ha.session.DeltaManager" expireSessionsOnShutdown="false" notifyListenersOnReplication="true"/>
+ <Channel className="org.apache.catalina.tribes.group.GroupChannel">
+ <Membership className="org.apache.catalina.tribes.membership.McastService" address="228.0.0.4" port="45564" frequency="500" dropTime="3000"/>
+ <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
+ <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
+ </Sender>
+
+ <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver" address="auto" port="4000" autoBind="100" selectorTimeout="5000" maxThreads="6"/>
+
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
+ <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
+
+ </Channel>
+ <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
+ <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
+
+
+ <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
+
+ <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
+ </Cluster>
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path="u''"
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ fileDateFormat="yyyy-MM-dd-HH"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D"
+ className="org.apache.catalina.valves.AccessLogValve"
+ prefix="localhost_access_log."
+ directory="logs"
+ suffix=".log" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+ <Host name="tomcat-server"
+ deployXML="false"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path="u''"
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/debian-9.xml b/test/salt/comparison_files/server_xml/debian-9.xml
new file mode 100644
index 0000000000000000000000000000000000000000..c2cbc2563736645b72abc3fee1765ec2b1fad207
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/debian-9.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ maxThreads="150"
+ URIEncoding="UTF-8"
+ minSpareThreads="25"
+ sslProtocol="TLS"
+ connectionTimeout="20000"
+ secure="true"
+ maxHttpHeaderSize="8192"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ redirectPort="8443"
+ acceptCount="100"
+ keystorePass="somerandomtext"
+ scheme="https"
+ enableLookups="false"
+ clientAuth="false"
+ disableUploadTimeout="true"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="example.net"
+ autoDeploy="true"
+ unpackWARs="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ directory="logs"
+ className="org.apache.catalina.valves.AccessLogValve"
+ prefix="localhost_access_log."
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D"
+ fileDateFormat="yyyy-MM-dd-HH" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+ <Host name="tomcat-server"
+ autoDeploy="true"
+ unpackWARs="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/fedora-31.xml b/test/salt/comparison_files/server_xml/fedora-31.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/fedora-31.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/opensuse-15.xml b/test/salt/comparison_files/server_xml/opensuse-15.xml
new file mode 100644
index 0000000000000000000000000000000000000000..ed7175b5c6f37ddf63fe08ce14bf9af9171b1d15
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/opensuse-15.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?><!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+--><!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+--><!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ --><Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/>
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector SSLEnabled="false" URIEncoding="UTF-8" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keystoreFile="/path/to/keystoreFile" keystorePass="somerandomtext" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11Protocol" redirectPort="8443" scheme="https" secure="true" sslProtocol="TLS"/>
+
+
+ <Engine defaultHost="localhost" name="Catalina">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host autoDeploy="true" deployXML="false" name="tomcat-server" unpackWARs="true">
+ <Context debug="0" docBase="../webapps/myapp" path="" reloadable="true"/>
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host autoDeploy="true" name="example.net" unpackWARs="true">
+ <Context debug="0" docBase="../webapps/myapp2" path="" reloadable="true"/>
+
+ <Alias>www.example.net</Alias>
+
+ <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" fileDateFormat="yyyy-MM-dd-HH" pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" prefix="localhost_access_log." suffix=".log"/>
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
\ No newline at end of file
diff --git a/test/salt/comparison_files/server_xml/ubuntu-16.xml b/test/salt/comparison_files/server_xml/ubuntu-16.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/ubuntu-16.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/ubuntu-18.xml b/test/salt/comparison_files/server_xml/ubuntu-18.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/ubuntu-18.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/tomcat/cluster.sls b/tomcat/cluster.sls
index 7c3681b02bac30b2cd30bad168774941bfa590d3..1b2fc34a341be145c4257c8716a89c49d31aa2ae 100644
--- a/tomcat/cluster.sls
+++ b/tomcat/cluster.sls
@@ -3,8 +3,17 @@
include:
- tomcat.config
+{#- TODO: Upon fixing `name` below, this section is only working for Tomcat 7.
+ The `server.xml` template needs adapting for later versions.
+ Refer back to the following resources:
+ * http://tomcat.apache.org/tomcat-7.0-doc/cluster-howto.html
+ * http://tomcat.apache.org/tomcat-8.0-doc/cluster-howto.html
+ * http://tomcat.apache.org/tomcat-9.0-doc/cluster-howto.html
+#}
+{%- if tomcat.ver == 7 %}
tomcat 600_server_xml:
file.accumulated:
+ - name: 600_server_xml
- filename: {{ tomcat.conf_dir }}/server.xml
{% if tomcat.cluster is defined %}
- text: {{ tomcat.cluster }}
@@ -12,3 +21,4 @@ tomcat 600_server_xml:
- require_in:
- file: tomcat server_xml
- unless: test "`uname`" = "Darwin"
+{%- endif %}
diff --git a/tomcat/files/server.xml b/tomcat/files/server.xml
index 0dbd051e878703171741226bcad2fa2cd13a6978..9d063342bb00d57075c917c348467088f46b0f12 100644
--- a/tomcat/files/server.xml
+++ b/tomcat/files/server.xml
@@ -159,12 +159,12 @@
{% endif %}
{%- if site.valves is defined %}
- {%- for valve in site.valves %}
+ {%- for valve in site.valves %}
<Valve
{%- for k, v in valve.items() %}
{{ k }}="{{ v }}"
{%- endfor %} />
- {%- endfor %}
+ {%- endfor %}
{% endif %}
</Host>
{% endfor %}
diff --git a/tomcat/native.sls b/tomcat/native.sls
index 75482654ff504123b76f1401ce5bf3736542adcc..b292f744b2e731f93c8088ae261689f1299a83d3 100644
--- a/tomcat/native.sls
+++ b/tomcat/native.sls
@@ -4,6 +4,18 @@ include:
- tomcat.config
tomcat {{ tomcat.native_pkg }}:
+ {%- if grains.get('osfinger', '') == 'Amazon Linux-2' %}
+ pkgrepo.managed:
+ - name: epel
+ - humanname: Extra Packages for Enterprise Linux 7 - $basearch
+ - mirrorlist: https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
+ - enabled: 1
+ - gpgcheck: 1
+ - gpgkey: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7
+ - failovermethod: priority
+ - require_in:
+ - pkg: tomcat {{ tomcat.native_pkg }}
+ {%- endif %}
pkg.installed:
- name: {{ tomcat.native_pkg }}
diff --git a/tomcat/osfingermap.yaml b/tomcat/osfingermap.yaml
index e2ed9fcda94fcbfe616d8a5d0edf7e05d10f50a2..b741050c2a9562b2e5489b49a17f3188a04fcaa4 100644
--- a/tomcat/osfingermap.yaml
+++ b/tomcat/osfingermap.yaml
@@ -16,7 +16,19 @@ Debian-10:
catalina_pid: /var/run/tomcat9.pid
catalina_tmpdir: /var/cache/tomcat9/temp
Debian-9: {}
-Debian-8: {}
+Debian-8:
+ ver: 7
+ pkg: tomcat7
+ manager_pkg: tomcat7-admin
+ conf_dir: /etc/tomcat7
+ main_config: /etc/default/tomcat7
+ service: tomcat7
+ user: tomcat7
+ group: tomcat7
+ catalina_base: /var/lib/tomcat7
+ catalina_home: /usr/share/tomcat7
+ catalina_pid: /var/run/tomcat7.pid
+ catalina_tmpdir: /var/cache/tomcat7/temp
Debian-7:
pkg: tomcat7
manager_pkg: tomcat7-admin
diff --git a/tomcat/osmap.yaml b/tomcat/osmap.yaml
index de11a67327c8df5c87f623d5f594bfd8ea414ed4..a9a506e9d15fbea635bb07618b6a250c4e3fc082 100644
--- a/tomcat/osmap.yaml
+++ b/tomcat/osmap.yaml
@@ -15,7 +15,8 @@ Ubuntu: {}
Raspbian: {}
# os_family: RedHat
-Fedora: {}
+Fedora:
+ ver: 9
CentOS: {}
Amazon: {}