manageiq-appliance_console 5.2.0 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9aab719558452873f17db2eb66a1aeebd73d6e3f23eb41cc00955325e3004907
4
- data.tar.gz: 515bf0fc47ceecd4441b0599a198ac81194056f5fc936102cd65d6d0ea31023f
3
+ metadata.gz: c6ba8e9cdf053c6d1eee9360c074ed3584d54e848d7d60e4f63c77a9d673ad60
4
+ data.tar.gz: 1ade599ce3628695ecf5b6a0444195ab3593e5ab539f5c3585f1ceffc9ace600
5
5
  SHA512:
6
- metadata.gz: a4ea565696b02cef54acac874cc8e3260e8a7b3795e68d4f99cd5c59d3c0b1affe230c75739e05e306693aba7de17faf20721db40e533a442baca1832d91dadc
7
- data.tar.gz: 9fe682258cd1cefd700ce0ace41d61dce0060dcb4097c63d1a539e180ea8a65f7c7559e2853525ebe342631b9c607ddceab937755b409bba89a790581f8e9855
6
+ metadata.gz: fd63b37fb4fb850a6b94efe35ebbb4d643992e7a9855fed584fb267b8939c122b93d4488c1b3eb2caaba37e7871e74280c07a4c5944f783a01cf10cb55ffd521
7
+ data.tar.gz: 9aa0a97f69f677a8b395c1fbaa724ae136f297f77ec9874ad7ffbbe4239b7d8b4e93bb619f8c43a271e36d0cf89f14cce264ebcb36a5e54cdb1b31f8e9b16cdd
@@ -8,6 +8,9 @@ unless defined?(say)
8
8
  end
9
9
  end
10
10
 
11
+ # define SCAP_RULES_DIR for scap fucntionality
12
+ SCAP_RULES_DIR = File.expand_path("productization/appliance_console/config", ManageIQ::ApplianceConsole::RAILS_ROOT)
13
+
11
14
  module ManageIQ
12
15
  module ApplianceConsole
13
16
  class CliError < StandardError; end
@@ -97,6 +100,10 @@ module ApplianceConsole
97
100
  options[:replication] == "primary" || (options[:replication] == "standby" && options[:primary_host])
98
101
  end
99
102
 
103
+ def openscap?
104
+ options[:openscap]
105
+ end
106
+
100
107
  def initialize(options = {})
101
108
  self.options = options
102
109
  end
@@ -164,6 +171,7 @@ module ApplianceConsole
164
171
  opt :oidc_enable_sso, "Optionally enable SSO with OpenID-Connect Authentication", :type => :boolean, :default => false
165
172
  opt :oidc_unconfig, "Unconfigure Appliance OpenID-Connect Authentication", :type => :boolean, :default => false
166
173
  opt :server, "{start|stop|restart} actions on evmserverd Server", :type => :string
174
+ opt :openscap, "Setup OpenScap", :type => :boolean, :default => false
167
175
  end
168
176
  Optimist.die :region, "needed when setting up a local database" if region_number_required? && options[:region].nil?
169
177
  self
@@ -176,9 +184,10 @@ module ApplianceConsole
176
184
  def run
177
185
  Optimist.educate unless set_host? || key? || database? || tmp_disk? || log_disk? ||
178
186
  uninstall_ipa? || install_ipa? || certs? || extauth_opts? ||
179
- set_server_state? || set_replication? ||
187
+ set_server_state? || set_replication? || openscap? ||
180
188
  saml_config? || saml_unconfig? ||
181
189
  oidc_config? || oidc_unconfig?
190
+
182
191
  if set_host?
183
192
  system_hosts = LinuxAdmin::Hosts.new
184
193
  system_hosts.hostname = options[:host]
@@ -200,6 +209,7 @@ module ApplianceConsole
200
209
  oidc_config if oidc_config?
201
210
  oidc_unconfig if oidc_unconfig?
202
211
  set_server_state if set_server_state?
212
+ openscap if openscap?
203
213
  rescue CliError => e
204
214
  say(e.message)
205
215
  say("")
@@ -343,6 +353,11 @@ module ApplianceConsole
343
353
  config.deactivate if config.ipa_client_configured?
344
354
  end
345
355
 
356
+ def openscap
357
+ say("Configuring Openscap")
358
+ ManageIQ::ApplianceConsole::Scap.new(SCAP_RULES_DIR).lockdown
359
+ end
360
+
346
361
  def config_tmp_disk
347
362
  if (tmp_disk = disk_from_string(options[:tmpdisk]))
348
363
  say "creating temp disk"
@@ -13,7 +13,7 @@ module ApplianceConsole
13
13
  require 'yaml'
14
14
  scap_config = YAML.load_file(yaml_filename)
15
15
  begin
16
- LinuxAdmin::Scap.new("rhel7").lockdown(*scap_config['rules'], scap_config['values'])
16
+ LinuxAdmin::Scap.new("rhel8").lockdown(*scap_config['rules'], scap_config['values'])
17
17
  rescue => e
18
18
  say("Configuration failed: #{e.message}")
19
19
  else
@@ -32,7 +32,7 @@ module ApplianceConsole
32
32
  if !LinuxAdmin::Scap.openscap_available?
33
33
  say("OpenSCAP has not been installed")
34
34
  false
35
- elsif !LinuxAdmin::Scap.ssg_available?("rhel7")
35
+ elsif !LinuxAdmin::Scap.ssg_available?("rhel8")
36
36
  say("SCAP Security Guide has not been installed")
37
37
  false
38
38
  else
@@ -1,5 +1,5 @@
1
1
  module ManageIQ
2
2
  module ApplianceConsole
3
- VERSION = '5.2.0'.freeze
3
+ VERSION = '5.3.0'.freeze
4
4
  end
5
5
  end
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
26
26
  spec.add_runtime_dependency "bcrypt", "~> 3.1.10"
27
27
  spec.add_runtime_dependency "highline", "~> 1.6.21"
28
28
  spec.add_runtime_dependency "i18n", "~> 0.8"
29
- spec.add_runtime_dependency "linux_admin", ["~> 1.0", ">=1.2.4"]
29
+ spec.add_runtime_dependency "linux_admin", "~> 2.0"
30
30
  spec.add_runtime_dependency "manageiq-password", "~> 0.3"
31
31
  spec.add_runtime_dependency "optimist", "~> 3.0"
32
32
  spec.add_runtime_dependency "pg"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: manageiq-appliance_console
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.2.0
4
+ version: 5.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - ManageIQ Developers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-12-06 00:00:00.000000000 Z
11
+ date: 2019-12-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -100,20 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: '1.0'
104
- - - ">="
105
- - !ruby/object:Gem::Version
106
- version: 1.2.4
103
+ version: '2.0'
107
104
  type: :runtime
108
105
  prerelease: false
109
106
  version_requirements: !ruby/object:Gem::Requirement
110
107
  requirements:
111
108
  - - "~>"
112
109
  - !ruby/object:Gem::Version
113
- version: '1.0'
114
- - - ">="
115
- - !ruby/object:Gem::Version
116
- version: 1.2.4
110
+ version: '2.0'
117
111
  - !ruby/object:Gem::Dependency
118
112
  name: manageiq-password
119
113
  requirement: !ruby/object:Gem::Requirement