norad_cli 0.1.0

data/lib/norad_cli/templates/ci/.gitlab.ci.yml

@@ -0,0 +1,44 @@
+stages:
+  - validate
+  - build
+  - test
+  - deploy
+  - integrate
+
+before_script:
+  - rvm gemset use norad-docker-images
+  - gem install bundler --no-ri --no-rdoc
+  - bundle install
+
+validate_manifests:
+  stage: validate
+  script:
+    - rspec spec/validate_manifests_spec.rb
+    - rspec spec/require_readmes_spec.rb
+
+build_containers:
+  stage: build
+  script:
+    - ./ci/build_images.sh
+
+test_containers:
+  stage: test
+  script:
+    - ./ci/run_image_integration_tests.sh
+
+push_images:
+  stage: deploy
+  only:
+    - master
+  script:
+    - ./ci/push_images.sh
+
+generate_api_seed:
+  stage: integrate
+  only:
+    - master
+  script:
+    - ./ci/api_security_container_seed_script.rb
+  artifacts:
+    paths:
+      - containers.rb

data/lib/norad_cli/templates/spec/spec_helper.rb

@@ -0,0 +1,247 @@
+RSpec.configure do |config|
+  config.expect_with :rspec do |expectations|
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+
+  config.mock_with :rspec do |mocks|
+    mocks.verify_partial_doubles = true
+  end
+
+  config.before(:context, scan_assessment: true) do
+    @base_id = described_class.scan_base
+    @base_results = described_class.retrieve_results(@base_id)
+    described_class.get_scans.each do |type|
+      puts type
+      instance_variable_set("@#{type}_id", described_class.scan_machine(type))
+      puts instance_variable_get("@#{type}_id")
+      instance_variable_set("@#{type}_results", described_class.retrieve_results(instance_variable_get("@#{type}_id")))
+    end
+  end
+end
+
+if ENV['SCAN_ASSESSMENT']
+  require 'yaml'
+  require 'net/http'
+  require 'json'
+  require 'docker'
+  require 'securerandom'
+  require 'base64'
+  require 'pp'
+
+  Docker.url = ENV.fetch('DOCKER_HOST') { "unix:///var/run/docker.sock" }
+  #*************************************************************************
+  # @parent - for variants of base tests like serverspec
+  # @verify_machine_ready - when True will wait for file /tmp/status in the container
+  #                         under test content's to match /ready_to_test/
+  # @host_config - passed to  Docker::Container.create param HostConfig
+  #
+  # Example:
+  #
+  # class DockerHostCisBenchmarks
+  #   extend AssessmentHelpers
+  #   @parent = 'serverspec'
+  #   @host_config = { 
+  #     'vulnerable': { 'Privileged': true },
+  #     'secure': { 'Privileged': true, 'cap-add': 'ALL',  },
+  #   }
+  #   @verify_machine_ready = true
+  # end
+
+  RSpec::Matchers.define :fail_with_msg do |expected|
+    match do
+      false
+    end
+
+    failure_message do
+      expected.to_s
+    end
+  end
+
+  class ResultsServer
+    attr_accessor :container
+
+    def host_port
+      container.info["NetworkSettings"]["Ports"]["3000/tcp"].first["HostPort"]
+    end
+  end
+
+  class BaseMachine
+    attr_accessor :container
+  end
+
+  results_server = ResultsServer.new
+  base_machine = BaseMachine.new
+
+  RSpec.configure do |config|
+    config.before(:suite) do
+      results_server.container = Docker::Container.create(
+        Image: ENV['TEST_RESULTS_SERVER_IMAGE'],
+        HostConfig: { PublishAllPorts: true }
+      )
+      results_server.container.start
+      sleep 5 # sleep rather than wait since we are daemonizing a container
+      results_server.container.refresh! # get more details
+      base_machine.container = Docker::Container.create(Image: 'alpine:3.4', Cmd: '/bin/ash', Tty: true)
+      base_machine.container.start
+    end
+
+    config.after(:suite) do
+      results_server.container.stop
+      results_server.container.delete(force: true)
+      base_machine.container.stop
+      base_machine.container.delete(force: true)
+    end
+  end
+
+  AssessmentHelpers = Module.new do
+    MAX_SLEEP_TIME = 30
+    SLEEP_INTERVAL = 3
+
+    define_method  :get_scans do
+      %w(vulnerable secure)
+    end
+
+    define_method :assessment_name do
+      name.split(/(?=[A-Z])|(?<=[a-z])(\d+)/).map { |e| e.downcase }.join('-')
+    end
+
+    define_method :manifest_file do
+      assessment_path = @parent.nil? ? assessment_name : "#{@parent}/variants/#{assessment_name}"
+      "./#{assessment_path}/manifest.yml"
+    end
+
+    define_method :options do
+      @options ||= YAML.load(File.read(manifest_file))
+    end
+
+    define_method :image_name do
+      "#{options['registry']}/#{options['name']}:#{options['version']}"
+    end
+
+    define_method :config_hash do
+      return default_test_config if respond_to?(:default_test_config)
+      options['default_config'].each_with_object({}) do |(k, v), h|
+        h[k.to_sym] = v
+      end
+    end
+
+    define_method :args do |target|
+      ssh_vals = options['prog_args']['ssh_key'] ? load_ssh_args : {}
+      format(options['prog_args'], config_hash.merge({target: target}).merge(ssh_vals)).split(' ')
+    end
+
+    define_method :load_ssh_args do
+      { ssh_user: 'testuser', ssh_key: Base64.strict_encode64(File.read('./spec/support/ssh_key')) }
+    end
+
+    define_method :machine_ready? do |machine, image_name|
+      if @verify_machine_ready
+        config_status =  machine.exec(['cat', '/tmp/status']).to_s
+        unless config_status.match(/ready_to_test/)
+          puts "machine:#{image_name} not ready_to_test current status:#{config_status}"
+          return false
+        end
+      end
+      true
+    end
+
+    define_method :machine_running? do |machine, image_name|
+      if !machine.json['State']['Running']
+        puts "Target machine: #{image_name} failed to start."
+        return false
+      end
+      true
+    end
+
+    define_method :start_target_machine do |image_name|
+      elapsed_time = 0
+      target = image_name.split('-')[-1].to_sym
+      h_config = nil
+      h_config = @host_config[target] if @host_config
+      machine = Docker::Container.create(Image: image_name, HostConfig: h_config )
+      machine.start
+      sleep SLEEP_INTERVAL
+      until (machine_running?(machine, image_name) && machine_ready?(machine, image_name)) || elapsed_time > MAX_SLEEP_TIME
+        sleep SLEEP_INTERVAL # sleep rather than wait since we are daemonizing a container
+        elapsed_time += SLEEP_INTERVAL
+      end
+      machine
+    end
+
+    define_method :log_machine_not_running do |machine, image_name|
+      puts '*' * 80
+      puts "* target docker container for #{image_name} not running"
+      puts '*' * 80
+      pp machine.json
+      puts "******************** logs  #{image_name} *****************************"
+      machine.streaming_logs(stdout: true, stderr: true) { |stream, chunk| puts "#{stream}: #{chunk}" }
+    end
+
+    define_method :stop_target_machine do |machine|
+      machine.stop
+      machine.delete(force: true)
+      machine.id
+    end
+
+    define_method :scan_machine do |type|
+      image_name = "#{assessment_name}-#{type}"
+      machine = start_target_machine(image_name)
+      target_name = type
+      target_name = @target_host if @target_host
+      scan(target_name, machine.id) if machine_running?(machine, image_name)  && machine_ready?(machine, image_name)
+      log_machine_not_running(machine, image_name) unless machine_running?(machine, image_name)
+      stop_target_machine(machine)
+    end
+
+    define_method :scan_base do
+      assessment_id = scan('base', base_machine.container.id)
+      assessment_id
+    end
+
+    define_method :scan do |target, target_id|
+      assessment_id = target == 'base' ? SecureRandom.hex(32) : target_id
+      env = [
+        "NORAD_ROOT=http://results:3000",
+        %Q{ASSESSMENT_PATHS=[{"id":"#{target}", "assessment": "/results/#{assessment_id}"}]},
+        "NORAD_SECRET=1234"
+      ]
+      c = Docker::Container.create({
+        Image: image_name,
+        Cmd: args(target),
+        Env: env,
+        HostConfig: { Links: ["#{target_id}:#{target}", "#{results_server.container.id}:results"] },
+      })
+
+      c.start
+      c.wait(60 * 10)
+
+      # Output container logs for debugging
+      if ENV['ENABLE_LOGS']
+        c.stop
+        c_state = c.json['State']
+
+        # Print the entire state regardless of error or not to aid in debugging
+        puts "[DEBUG] Container #{image_name}'s Final State"
+        puts '-------------------------'
+        c_state.each do |key, value|
+          puts "#{key}: #{value}"
+        end
+
+        puts "\n[DEBUG] Logs for target \"#{image_name}\" run against #{target}:"
+
+        # Print logs regardless of ExitCode
+        puts c.logs(stdout: true, stderr: true)
+
+      end
+
+      c.delete(force: true)
+      assessment_id
+    end
+
+    define_method :retrieve_results do |id|
+      url = "http://localhost:#{results_server.host_port}/results?assessment_id=#{id}"
+      uri = URI(url)
+      JSON.parse(Net::HTTP.get(uri))
+    end
+  end
+end

data/lib/norad_cli/templates/spec/support/Dockerfile.testserver

@@ -0,0 +1,22 @@
+FROM ruby:2.3.1
+
+# Adapted from: https://github.com/marcelocg/phoenix-docker/blob/master/Dockerfile
+MAINTAINER Blake Hitchcock <blhitchc@cisco.com>
+
+# update and install some software requirements
+RUN apt-get update && apt-get -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" upgrade -y && apt-get install -y libxml2-dev libxslt1-dev nodejs
+
+ENV APP_HOME /myapp
+ENV RAILS_ENV production
+RUN mkdir $APP_HOME
+WORKDIR $APP_HOME
+
+ADD test_server/Gemfile* $APP_HOME/
+RUN bundle install
+
+ADD test_server/. $APP_HOME
+RUN rake db:create
+RUN rake db:migrate
+
+EXPOSE 3000
+CMD ["bin/rails", "server", "--port", "3000"]

data/lib/norad_cli/templates/spec/support/Dockerfile.ubuntu_ssh

@@ -0,0 +1,20 @@
+FROM ubuntu:14.04
+MAINTAINER Blake Hitchcock
+
+RUN apt-get update; apt-get install -y openssh-server
+RUN mkdir -p ~root/.ssh && chmod 700 ~root/.ssh/ && \
+    echo "Port 22\n" >> /etc/ssh/sshd_config && \
+    cp -a /etc/ssh /etc/ssh.cache
+RUN mkdir /var/run/sshd
+
+# Create Sudo user
+# useradd doesn't like -m in a script.
+RUN useradd -K MAIL_DIR=/dev/null -s /bin/bash testuser
+RUN mkdir -p /home/testuser/.ssh
+RUN sed -i '4i\testuser  ALL= (ALL)    NOPASSWD: ALL' /etc/sudoers
+COPY ssh_key.pub /home/testuser/.ssh/authorized_keys
+RUN chown -R testuser /home/testuser
+RUN chmod 600 /home/testuser/.ssh/authorized_keys
+
+EXPOSE 22
+CMD ["/usr/sbin/sshd", "-D"]

data/lib/norad_cli/templates/spec/support/ssh_key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzOOvUUrCexzr1Wx8GdtgVqfRBxQR7+7Eh0UyrDfMyonAsYvP
+LaAHMmrobrsOoSWk8RA/fyo/t2m98UJVnpyr0L9xb/JIkDg0hlm+QdUnW7ax5PPE
+5kssQsh2eSPvlolLjvfOQEYGplsuQ3B56Nc1snhMs1lCpHpwSSotigz+MP16K2Qf
+R+rztPYfr5cGgJzczIUrYsu8gS/CkSmLz76FOMjlS6ss+b5u3q0VdJrDHhtP21jJ
+850iwTNFvw9l6A0+puQEgKwnLDhxwlIlOzplHm0WlLIzUJwHzP/ggKMuCc7ZHkhY
+v2pklOwfNAUpR8m07inWD+TCFYEyRpUKhEZBhwIDAQABAoIBAHVqQY0Pj7Yn08qh
++diDjIj8cOBikwjxxvRSJoDlFVo4aRIWMetOmvE8rOjQD8kvnn97NTg1yP/d/Djn
+L9POqvPc0jA6I3VqkEcx5MMrWPvJDddMD1l+WOYIpUQ04Nde5MsQncTdnG/3LuL8
+8RALTL1zDVl2XKePdwumvSQw3/bINZhdJl/UhtRrpvmbxKzNbojH/007J+OpsYlu
+YmpBIenZzxYVXUHlAml8Mu0tCe6stdWWTnHFxLYrf0bAdKHmf0FuiB/J6q3ajh78
+NFTqVAWwZ9BsNtdSbRLkdA31EZoez8ZAiqtbbJLEt4f6EL7y1E26m2wP9XoM4SlD
+tAyRJvkCgYEA581AirCFlkMlg4IdhJqLDMug4g578gKvBIBJ2kXS9pEcYqKPPMUj
+VhVszbEGLNKT8qBlTYbYi9KecE6PJ3/Mk8hUan2KyfgzXpEAUkc793ubzKdtUJTZ
+Di8DcgdcmNHlkZ0tY7jmMHcHHilkLb1iNCtI4YbN77JDKFn8sSJMoyMCgYEA4kc3
+rTuDSLruG7x4Br6fdboUkNZwTBEJLt48arFJksrnBaE7tO+aQZ6Hdc/5AtAFDasX
+jsYZ2fiC5aIgH9qoFxekYza5ANSHUjSqCduNizm4h01RROQzcQCnwn7bgHDmSaTq
+gCPfpRGHHT4fOPLafErySb3YQhKhWdSteILNEE0CgYEAoh6/oUBMbgeQWSXLl06v
+KcfRQcl3jo+p8K/49xwWrDRZcfLX01zdlftuGX5SH084Al2D/HDvSvuHrGyFWs7b
+OhDGWaRsSU26P82SN/lyS2i8UqpWniE8ndrrwfi8HnXO5cTUVgafmA3ngITad9MY
+t/v+AR3TMm2u4q3tOcYPa5kCgYEA4GySJBaqlzAPiSLcSJQ3w6PTUfPdXRRobzur
+4IYF2rmzeDn55fLeo8Z/w7GJ3+hBmtTegJSqfy2jZe3uvqk3ne+s81oLE2+25ymk
+nDJNqJCPHGLq/9D11FY6DQWU30caoGAY1Q6/ehBwWeiLPwhe+ne65riMDLw9m8L8
+alIQ4OECgYARpS8CfpC0lR9kWiuUU1h8LQ01rwS3IlhNHUzbVtydJJp6o3llY7Ws
+FEJUHoE8Lp/sujbUCTly62NVeZBvDKHb5wkMusR3Qx1+fmgedR5Qp+I+WtVctAI9
+vgO0JpuoFlC2qRe/XmwQJkSOi/KrRWRiIuW5bxhU+dF9Ota16jCzsA==
+-----END RSA PRIVATE KEY-----

data/lib/norad_cli/templates/spec/support/ssh_key.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM469RSsJ7HOvVbHwZ22BWp9EHFBHv7sSHRTKsN8zKicCxi88toAcyauhuuw6hJaTxED9/Kj+3ab3xQlWenKvQv3Fv8kiQODSGWb5B1SdbtrHk88TmSyxCyHZ5I++WiUuO985ARgamWy5DcHno1zWyeEyzWUKkenBJKi2KDP4w/XorZB9H6vO09h+vlwaAnNzMhStiy7yBL8KRKYvPvoU4yOVLqyz5vm7erRV0msMeG0/bWMnznSLBM0W/D2XoDT6m5ASArCcsOHHCUiU7OmUebRaUsjNQnAfM/+CAoy4JztkeSFi/amSU7B80BSlHybTuKdYP5MIVgTJGlQqERkGH vagrant@norad-dev-box

data/lib/norad_cli/templates/spec/support/test_server/.gitignore

@@ -0,0 +1,21 @@
+# See https://help.github.com/articles/ignoring-files for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile '~/.gitignore_global'
+
+# Ignore bundler config.
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+/db/*.sqlite3-journal
+
+# Ignore all logfiles and tempfiles.
+/log/*
+/tmp/*
+!/log/.keep
+!/tmp/.keep
+
+# Ignore Byebug command history file.
+.byebug_history

data/lib/norad_cli/templates/spec/support/test_server/Gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gem 'rails', '~> 5.0.0'
+gem 'sqlite3'
+gem 'puma', '~> 3.0'

data/lib/norad_cli/templates/spec/support/test_server/Gemfile.lock

@@ -0,0 +1,116 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.0.0)
+      actionpack (= 5.0.0)
+      nio4r (~> 1.2)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.0.0)
+      actionpack (= 5.0.0)
+      actionview (= 5.0.0)
+      activejob (= 5.0.0)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.0.0)
+      actionview (= 5.0.0)
+      activesupport (= 5.0.0)
+      rack (~> 2.0)
+      rack-test (~> 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.0.0)
+      activesupport (= 5.0.0)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    activejob (5.0.0)
+      activesupport (= 5.0.0)
+      globalid (>= 0.3.6)
+    activemodel (5.0.0)
+      activesupport (= 5.0.0)
+    activerecord (5.0.0)
+      activemodel (= 5.0.0)
+      activesupport (= 5.0.0)
+      arel (~> 7.0)
+    activesupport (5.0.0)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    arel (7.1.0)
+    builder (3.2.2)
+    concurrent-ruby (1.0.2)
+    erubis (2.7.0)
+    globalid (0.3.6)
+      activesupport (>= 4.1.0)
+    i18n (0.7.0)
+    loofah (2.0.3)
+      nokogiri (>= 1.5.9)
+    mail (2.6.4)
+      mime-types (>= 1.16, < 4)
+    method_source (0.8.2)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_portile2 (2.1.0)
+    minitest (5.9.0)
+    nio4r (1.2.1)
+    nokogiri (1.6.8)
+      mini_portile2 (~> 2.1.0)
+      pkg-config (~> 1.1.7)
+    pkg-config (1.1.7)
+    puma (3.6.0)
+    rack (2.0.1)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (5.0.0)
+      actioncable (= 5.0.0)
+      actionmailer (= 5.0.0)
+      actionpack (= 5.0.0)
+      actionview (= 5.0.0)
+      activejob (= 5.0.0)
+      activemodel (= 5.0.0)
+      activerecord (= 5.0.0)
+      activesupport (= 5.0.0)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 5.0.0)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.1)
+      activesupport (>= 4.2.0, < 6.0)
+      nokogiri (~> 1.6.0)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (5.0.0)
+      actionpack (= 5.0.0)
+      activesupport (= 5.0.0)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (11.2.2)
+    sprockets (3.7.0)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.1.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.11)
+    thor (0.19.1)
+    thread_safe (0.3.5)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+    websocket-driver (0.6.4)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  puma (~> 3.0)
+  rails (~> 5.0.0)
+  sqlite3
+
+BUNDLED WITH
+   1.12.5

data/lib/norad_cli/templates/spec/support/test_server/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require_relative 'config/application'
+
+Rails.application.load_tasks

data/lib/norad_cli/templates/spec/support/test_server/app/controllers/application_controller.rb

@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::API
+end

data/lib/norad_cli/templates/spec/support/test_server/app/controllers/results_controller.rb

@@ -0,0 +1,23 @@
+class ResultsController < ApplicationController
+  # GET /results
+  def index
+    @results = Result.where(assessment_id: params[:assessment_id])
+    render json: @results
+  end
+
+  # POST /results
+  def create
+    params[:results].each do |result|
+      Result.create(
+        assessment_id: params[:id],
+        nid: result[:nid],
+	sir: result[:sir],
+	status: result[:status],
+	output: result[:output],
+	title: result[:title],
+	description: result[:description]
+      )
+    end
+    render json: Result.where(assessment_id: params[:id]), status: :created
+  end
+end

data/lib/norad_cli/templates/spec/support/test_server/app/models/application_record.rb

@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  self.abstract_class = true
+end

data/lib/norad_cli/templates/spec/support/test_server/app/models/result.rb

@@ -0,0 +1,2 @@
+class Result < ApplicationRecord
+end

data/lib/norad_cli/templates/spec/support/test_server/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/lib/norad_cli/templates/spec/support/test_server/bin/rails

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+begin
+  load File.expand_path('../spring', __FILE__)
+rescue LoadError => e
+  raise unless e.message.include?('spring')
+end
+APP_PATH = File.expand_path('../config/application', __dir__)
+require_relative '../config/boot'
+require 'rails/commands'

data/lib/norad_cli/templates/spec/support/test_server/bin/rake

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+begin
+  load File.expand_path('../spring', __FILE__)
+rescue LoadError => e
+  raise unless e.message.include?('spring')
+end
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/lib/norad_cli/templates/spec/support/test_server/config/application.rb

@@ -0,0 +1,30 @@
+require_relative 'boot'
+
+require "rails"
+# Pick the frameworks you want:
+require "active_model/railtie"
+require "active_job/railtie"
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+require "action_cable/engine"
+# require "sprockets/railtie"
+require "rails/test_unit/railtie"
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+
+module TestServer
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Only loads a smaller set of middleware suitable for API only apps.
+    # Middleware like session, flash, cookies can be added back manually.
+    # Skip views, helpers and assets when generating a new resource.
+    config.api_only = true
+  end
+end

data/lib/norad_cli/templates/spec/support/test_server/config/boot.rb

@@ -0,0 +1,3 @@
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+
+require 'bundler/setup' # Set up gems listed in the Gemfile.

data/lib/norad_cli/templates/spec/support/test_server/config/cable.yml

@@ -0,0 +1,9 @@
+development:
+  adapter: async
+
+test:
+  adapter: async
+
+production:
+  adapter: redis
+  url: redis://localhost:6379/1

data/lib/norad_cli/templates/spec/support/test_server/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/lib/norad_cli/templates/spec/support/test_server/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require_relative 'application'
+
+# Initialize the Rails application.
+Rails.application.initialize!