Skip to content

Commit

Permalink
2.0.0 Release (#2)
Browse files Browse the repository at this point in the history
* ## 1.1.0 - 10/07/2019 - Levon Becker
* Updated CircleCI Config to v2.1
* Updated Gemfile to ChefDK v4.3.13 Gems

* ## 2.0.0 - 10/11/2019 - Levon Becker
* Updated CircleCI Config to v2.1
* Updated Gemfile to ChefDK v4.3.13 Gems
* Updated default to value attributes
* Remove yum_cron
* Wrapped logic with control syntax. Can now call specific controls and ignore inspec attributes.
* Removed inspec from Gemfile
* Removed EPEL test controls
* Renamed some attributes so it's not backwards compatible hence the major version rev
* Added stub attrs.yml
* Removed Windows support
* Added Inspec Version check to inspec.yml
* Updated os method calls to work with newer version and discover Amazon Linux correctly again

* Rubocop fixes
  • Loading branch information
LevonBecker authored Oct 11, 2019
1 parent 7c90873 commit 8636fdb
Show file tree
Hide file tree
Showing 25 changed files with 376 additions and 536 deletions.
37 changes: 37 additions & 0 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
version: 2.1
timezone:
America/Los_Angeles

jobs:
style_ruby:
docker:
- image: chef/chefdk:4.3.13
working_directory: ~/circulate
environment:
GEM_HOME: /opt/chefdk/embedded/lib/ruby/gems/2.6.0/gems
GEM_PATH: /opt/chefdk/embedded/lib/ruby/gems/2.6.0
GEM_ROOT: /opt/chefdk/embedded/lib/ruby/gems/2.6.0
steps:
- checkout
#- run:
# name: Install Rspec Junit Formatter Gem
# command: gem install rspec_junit_formatter -v 0.4.1
- run:
name: Run Rake Task
command: /opt/chefdk/embedded/bin/rake style:ruby --trace
- run:
name: Create Reports Directory
command: mkdir reports
- store_test_results:
path: reports/

workflows:
version: 2.1
# Put in one because not paying for parallel jobs
style_tests:
jobs:
- style_ruby

notify:
webhooks:
- url: https://webhooks.gitter.im/e/cf84bd37a43b066fb883
17 changes: 17 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,22 @@
# CHANGE LOG

## 2.0.1 - TODO List - Levon Becker
* Get jUnit test results working for rubocop rake task

## 2.0.0 - 10/11/2019 - Levon Becker
* Updated CircleCI Config to v2.1
* Updated Gemfile to ChefDK v4.3.13 Gems
* Updated default to value attributes
* Remove yum_cron
* Wrapped logic with control syntax. Can now call specific controls and ignore inspec attributes.
* Removed inspec from Gemfile
* Removed EPEL test controls
* Renamed some attributes so it's not backwards compatible hence the major version rev
* Added stub attrs.yml
* Removed Windows support
* Added Inspec Version check to inspec.yml
* Updated os method calls to work with newer version and discover Amazon Linux correctly again

## 1.1.0 - 10/27/2017 - Levon Becker
* Added Backups Tests
* Added CloudWatch Tests
Expand Down
10 changes: 4 additions & 6 deletions Gemfile
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
source 'https://rubygems.org'

gem 'inspec', '~> 1.25.0'
gem 'rake', '~> 10.4'

group :style do
gem 'rubocop', '~> 0.47.0'
end
gem 'bundler', '1.17.2'
gem 'rake', '12.3.2'
# gem 'rspec_junit_formatter', '0.4.1'
gem 'rubocop', '0.72.0'
142 changes: 19 additions & 123 deletions Gemfile.lock
Original file line number Diff line number Diff line change
@@ -1,134 +1,30 @@
GEM
remote: https://rubygems.org/
specs:
addressable (2.4.0)
ast (2.3.0)
blankslate (2.1.2.4)
builder (3.2.3)
coderay (1.1.1)
diff-lcs (1.3)
docker-api (1.33.3)
excon (>= 0.38.0)
json
erubis (2.7.0)
excon (0.55.0)
faraday (0.9.2)
multipart-post (>= 1.2, < 3)
ffi (1.9.18)
gssapi (1.2.0)
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
hashie (3.5.6)
httpclient (2.8.3)
inspec (1.25.1)
addressable (~> 2.4)
faraday (>= 0.9.0)
hashie (~> 3.4)
json (>= 1.8, < 3.0)
method_source (~> 0.8)
mixlib-log
parallel (~> 1.9)
parslet (~> 1.5)
pry (~> 0)
rainbow (~> 2)
rspec (~> 3)
rspec-its (~> 1.2)
rubyzip (~> 1.1)
semverse
sslshake (~> 1.2)
thor (~> 0.19)
toml (~> 0.1)
train (>= 0.22.0, < 1.0)
json (1.8.6)
little-plugger (1.1.4)
logging (2.2.0)
little-plugger (~> 1.1)
multi_json (~> 1.10)
method_source (0.8.2)
mixlib-log (1.7.1)
mixlib-shellout (2.3.2)
multi_json (1.12.1)
multipart-post (2.0.0)
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (4.1.0)
nori (2.6.0)
parallel (1.11.1)
parser (2.4.0.0)
ast (~> 2.2)
parslet (1.5.0)
blankslate (~> 2.0)
powerpack (0.1.1)
pry (0.10.4)
coderay (~> 1.1.0)
method_source (~> 0.8.1)
slop (~> 3.4)
rainbow (2.2.2)
rake
rake (10.5.0)
rspec (3.6.0)
rspec-core (~> 3.6.0)
rspec-expectations (~> 3.6.0)
rspec-mocks (~> 3.6.0)
rspec-core (3.6.0)
rspec-support (~> 3.6.0)
rspec-expectations (3.6.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.6.0)
rspec-its (1.2.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
rspec-mocks (3.6.0)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.6.0)
rspec-support (3.6.0)
rubocop (0.47.1)
parser (>= 2.3.3.1, < 3.0)
powerpack (~> 0.1)
rainbow (>= 1.99.1, < 3.0)
ast (2.4.0)
jaro_winkler (1.5.3)
parallel (1.17.0)
parser (2.6.3.0)
ast (~> 2.4.0)
rainbow (3.0.0)
rake (12.3.2)
rubocop (0.72.0)
jaro_winkler (~> 1.5.1)
parallel (~> 1.10)
parser (>= 2.6)
rainbow (>= 2.2.2, < 4.0)
ruby-progressbar (~> 1.7)
unicode-display_width (~> 1.0, >= 1.0.1)
ruby-progressbar (1.8.1)
rubyntlm (0.6.1)
rubyzip (1.2.1)
semverse (2.0.0)
slop (3.6.0)
sslshake (1.2.0)
thor (0.19.1)
toml (0.1.2)
parslet (~> 1.5.0)
train (0.23.0)
docker-api (~> 1.26)
json (>= 1.8, < 3.0)
mixlib-shellout (~> 2.0)
net-scp (~> 1.2)
net-ssh (>= 2.9, < 5.0)
winrm (~> 2.0)
winrm-fs (~> 1.0)
unicode-display_width (1.3.0)
winrm (2.2.1)
builder (>= 2.1.2)
erubis (~> 2.7)
gssapi (~> 1.2)
gyoku (~> 1.0)
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.1)
winrm-fs (1.0.1)
erubis (~> 2.7)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 1.1)
winrm (~> 2.0)
unicode-display_width (>= 1.4.0, < 1.7)
ruby-progressbar (1.10.1)
unicode-display_width (1.6.0)

PLATFORMS
ruby

DEPENDENCIES
inspec (~> 1.25.0)
rake (~> 10.4)
rubocop (~> 0.47.0)
bundler (= 1.17.2)
rake (= 12.3.2)
rubocop (= 0.72.0)

BUNDLED WITH
1.12.5
1.17.2
2 changes: 1 addition & 1 deletion LICENSE
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
MIT License

Copyright (c) 2017 Bonus Bits
Copyright (c) 2019 Bonus Bits

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
Expand Down
5 changes: 3 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# InSpec Bonus Bits Base Cookbook Profile
[![Project Release](https://img.shields.io/badge/release-v1.1.0-blue.svg)](https://github.com/bonusbits/inspec_bonusbits_base)
[![Project Release](https://img.shields.io/badge/release-v2.0.0-blue.svg)](https://github.com/bonusbits/inspec_bonusbits_base)
[![CircleCI](https://circleci.com/gh/bonusbits/inspec_bonusbits_base.svg?style=shield)](https://circleci.com/gh/bonusbits/inspec_bonusbits_base)
[![Join the chat at https://gitter.im/bonusbits](https://badges.gitter.im/bonusbits/bonusbits.svg)](https://gitter.im/bonusbits?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
[![GitHub issues](https://img.shields.io/github/issues/bonusbits/inspec_bonusbits_base.svg)](https://github.com/bonusbits/inspec_bonusbits_base/issues)
Expand Down Expand Up @@ -36,7 +36,9 @@ suites:
inspec_tests:
- name: bonusbits_base
git: https://github.com/bonusbits/inspec_bonusbits_base.git
release: 2.0.0
attributes:
debug: false
inside_aws: true
```
Expand Down Expand Up @@ -66,4 +68,3 @@ suites:
| proxy | configure_proxy | Boolean | false | true/false |
| selinux | configure_selinux | Boolean | true | true/false |
| sudoers | configure_sudoers | Boolean | false | true/false |
| yum_cron | configure_yum_cron | Boolean | true | true/false |
5 changes: 1 addition & 4 deletions Rakefile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,4 @@ namespace :style do
end

desc 'Rubocop'
task default: %w(style:ruby)

desc 'Circle CI Tasks'
task circleci: %w(style:ruby)
task default: %w[style:ruby:auto_correct]
1 change: 1 addition & 0 deletions attrs.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
debug: 'false'
14 changes: 0 additions & 14 deletions circle.yml

This file was deleted.

35 changes: 14 additions & 21 deletions controls/aws.rb
Original file line number Diff line number Diff line change
@@ -1,29 +1,22 @@
require_relative '../helpers/os_queries'

inside_aws = ec2?
configure = attribute('configure_aws_profile', default: true, description: 'Configure Proxy').to_s.eql?('true') ? true : false
test_aws = attribute('test_aws', value: true, description: 'Test AWS').to_s.eql?('true') ? true : false

debug = attribute('debug', default: false, description: 'Enable Debugging').to_s.eql?('true') ? true : false
puts "ATTR: Configure AWS Profile (#{configure})" if debug
debug = attribute('debug', value: false, description: 'Enable Debugging').to_s.eql?('true') ? true : false
if debug
puts "ATTR: Inside AWS (#{inside_aws})"
puts "ATTR: Test AWS (#{test_aws})"
end

profile_settings = %w(
AWS_REGION
)
control 'aws' do
impact 1.0
title ''
only_if { test_aws && inside_aws }

if os.linux? && inside_aws
if configure
describe 'AWS Profile' do
it 'Configured' do
profile_settings.each do |value|
expect(file('/etc/profile.d/aws.sh').content).to match(value)
end
end
end
else
describe 'AWS Profile' do
it 'Not Configured' do
expect(file('/etc/profile.d/aws.sh')).to_not exist
end
end
describe file('/etc/profile.d/aws.sh') do
it { should exist }
it { should be_owned_by 'root' }
its('content') { should include match(/AWS_REGION/) }
end
end
26 changes: 13 additions & 13 deletions controls/backups.rb
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
require_relative '../helpers/os_queries'

inside_aws = ec2?
configure = attribute('configure_backups', default: false, description: 'Configure Backups').to_s.eql?('true') ? true : false
test_backups = attribute('test_backups', value: false, description: 'Test Backups').to_s.eql?('true') ? true : false

debug = attribute('debug', default: false, description: 'Enable Debugging').to_s.eql?('true') ? true : false
if debug
puts "ATTR: Inside AWS (#{inside_aws})"
puts "ATTR: Configure Backups (#{configure})"
end
debug = attribute('debug', value: false, description: 'Enable Debugging').to_s.eql?('true') ? true : false
puts "ATTR: Test Backups (#{test_backups})" if debug

control 'backups' do
impact 1.0
title ''
only_if { os.linux? && test_backups }

if os.linux? && configure
describe 'Backup Script' do
it '/usr/bin/backup_to_s3.rb' do
expect(file('/usr/bin/backup_to_s3.rb')).to exist
expect(file('/usr/bin/backup_to_s3.rb')).to be_owned_by('root')
end
describe file('/usr/bin/backup_to_s3.rb') do
it { should be_file }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
its(:mode) { should cmp '00755' }
end
end
Loading

0 comments on commit 8636fdb

Please sign in to comment.