puppet-sec-lint 0.1.1 → 0.5.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/main.yml +4 -2
- data/.idea/puppet-sec-lint.iml +7 -4
- data/Gemfile +3 -1
- data/Gemfile.lock +14 -1
- data/README.md +36 -17
- data/_config.yml +1 -0
- data/docs/404.html +24 -0
- data/docs/Gemfile +30 -0
- data/docs/Gemfile.lock +275 -0
- data/docs/_config.yml +41 -0
- data/docs/_posts/2021-05-03-welcome-to-jekyll.markdown +25 -0
- data/docs/_site/404.html +71 -0
- data/docs/_site/feed.xml +13 -0
- data/docs/_site/index.html +1 -0
- data/docs/_site/jekyll/update/2021/05/03/welcome-to-jekyll.html +77 -0
- data/docs/hard-coded-credentials.md +17 -0
- data/docs/images/puppet-sec-lint_console.png +0 -0
- data/docs/images/puppet-sec-lint_vscode.png +0 -0
- data/docs/index.md +6 -0
- data/exe/puppet-sec-lint +81 -15
- data/file.pp +77 -0
- data/lib/configurations/configuration.rb +2 -1
- data/lib/configurations/regex_configuration.rb +9 -0
- data/lib/facades/configuration_file_facade.rb +3 -1
- data/lib/facades/configuration_page_facade.rb +6 -0
- data/lib/lol.pp +6 -6
- data/lib/puppet-sec-lint/version.rb +3 -1
- data/lib/rule_engine.rb +15 -3
- data/lib/rules/admin_by_default_rule.rb +33 -0
- data/lib/rules/cyrillic_homograph_attack.rb +27 -0
- data/lib/rules/empty_password_rule.rb +35 -0
- data/lib/rules/hard_coded_credentials_rule.rb +22 -31
- data/lib/rules/invalid_ip_addr_binding_rule.rb +37 -0
- data/lib/rules/no_http_rule.rb +26 -9
- data/lib/rules/rule.rb +72 -0
- data/lib/rules/suspicious_comment_rule.rb +28 -0
- data/lib/rules/use_weak_crypto_algorithms_rule.rb +28 -0
- data/lib/servers/language_server.rb +101 -0
- data/lib/servers/linter_server.rb +52 -0
- data/lib/settings.ini +39 -0
- data/lib/{sin.rb → sin/sin.rb} +6 -1
- data/lib/sin/sin_type.rb +44 -0
- data/lib/test.txt +15 -0
- data/lib/test2.rb +16 -0
- data/lib/test3.rb +32 -0
- data/lib/test_new.rb +19 -0
- data/puppet-sec-lint.gemspec +7 -1
- metadata +138 -7
- data/lib/language_server.rb +0 -78
- data/lib/sin_type.rb +0 -12
- data/puppet-sec-lint-0.1.0.gem +0 -0
data/docs/_config.yml
ADDED
@@ -0,0 +1,41 @@
|
|
1
|
+
# Welcome to Jekyll!
|
2
|
+
#
|
3
|
+
# This config file is meant for settings that affect your whole blog, values
|
4
|
+
# which you are expected to set up once and rarely edit after that. If you find
|
5
|
+
# yourself editing this file very often, consider using Jekyll's data files
|
6
|
+
# feature for the data you need to update frequently.
|
7
|
+
#
|
8
|
+
# For technical reasons, this file is *NOT* reloaded automatically when you use
|
9
|
+
# 'bundle exec jekyll serve'. If you change this file, please restart the server process.
|
10
|
+
|
11
|
+
# Site settings
|
12
|
+
# These are used to personalize your new site. If you look in the HTML files,
|
13
|
+
# you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
|
14
|
+
# You can create any custom variable you would like, and they will be accessible
|
15
|
+
# in the templates via {{ site.myvariable }}.
|
16
|
+
title: Puppet Securtiy Linter
|
17
|
+
email: tiago7b27@gmail.com
|
18
|
+
description: >- # this means to ignore newlines until "baseurl:"
|
19
|
+
Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts
|
20
|
+
baseurl: "" # the subpath of your site, e.g. /blog
|
21
|
+
url: "" # the base hostname & protocol for your site, e.g. http://example.com
|
22
|
+
twitter_username: jekyllrb
|
23
|
+
github_username: jekyll
|
24
|
+
|
25
|
+
# Build settings
|
26
|
+
markdown: kramdown
|
27
|
+
theme: jekyll-theme-hacker
|
28
|
+
plugins:
|
29
|
+
- jekyll-feed
|
30
|
+
|
31
|
+
# Exclude from processing.
|
32
|
+
# The following items will not be processed, by default. Create a custom list
|
33
|
+
# to override the default setting.
|
34
|
+
# exclude:
|
35
|
+
# - Gemfile
|
36
|
+
# - Gemfile.lock
|
37
|
+
# - node_modules
|
38
|
+
# - vendor/bundle/
|
39
|
+
# - vendor/cache/
|
40
|
+
# - vendor/gems/
|
41
|
+
# - vendor/ruby/
|
@@ -0,0 +1,25 @@
|
|
1
|
+
---
|
2
|
+
layout: post
|
3
|
+
title: "Welcome to Jekyll!"
|
4
|
+
date: 2021-05-03 21:09:12 +0100
|
5
|
+
categories: jekyll update
|
6
|
+
---
|
7
|
+
You’ll find this post in your `_posts` directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run `jekyll serve`, which launches a web server and auto-regenerates your site when a file is updated.
|
8
|
+
|
9
|
+
To add new posts, simply add a file in the `_posts` directory that follows the convention `YYYY-MM-DD-name-of-post.ext` and includes the necessary front matter. Take a look at the source for this post to get an idea about how it works.
|
10
|
+
|
11
|
+
Jekyll also offers powerful support for code snippets:
|
12
|
+
|
13
|
+
{% highlight ruby %}
|
14
|
+
def print_hi(name)
|
15
|
+
puts "Hi, #{name}"
|
16
|
+
end
|
17
|
+
print_hi('Tom')
|
18
|
+
#=> prints 'Hi, Tom' to STDOUT.
|
19
|
+
{% endhighlight %}
|
20
|
+
|
21
|
+
Check out the [Jekyll docs][jekyll-docs] for more info on how to get the most out of Jekyll. File all bugs/feature requests at [Jekyll’s GitHub repo][jekyll-gh]. If you have questions, you can ask them on [Jekyll Talk][jekyll-talk].
|
22
|
+
|
23
|
+
[jekyll-docs]: https://jekyllrb.com/docs/home
|
24
|
+
[jekyll-gh]: https://github.com/jekyll/jekyll
|
25
|
+
[jekyll-talk]: https://talk.jekyllrb.com/
|
data/docs/_site/404.html
ADDED
@@ -0,0 +1,71 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html lang="en-US">
|
3
|
+
<head>
|
4
|
+
<meta charset='utf-8'>
|
5
|
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
6
|
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
7
|
+
<link rel="stylesheet" href="/assets/css/style.css?v=451ab93a01ea7ba9ec933d2a6c0ad3f1555b70e0">
|
8
|
+
|
9
|
+
<!-- Begin Jekyll SEO tag v2.7.1 -->
|
10
|
+
<title>Puppet Securtiy Linter | Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts</title>
|
11
|
+
<meta name="generator" content="Jekyll v3.9.0" />
|
12
|
+
<meta property="og:title" content="Puppet Securtiy Linter" />
|
13
|
+
<meta property="og:locale" content="en_US" />
|
14
|
+
<meta name="description" content="Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts" />
|
15
|
+
<meta property="og:description" content="Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts" />
|
16
|
+
<link rel="canonical" href="http://localhost:4000/404.html" />
|
17
|
+
<meta property="og:url" content="http://localhost:4000/404.html" />
|
18
|
+
<meta property="og:site_name" content="Puppet Securtiy Linter" />
|
19
|
+
<meta name="twitter:card" content="summary" />
|
20
|
+
<meta property="twitter:title" content="Puppet Securtiy Linter" />
|
21
|
+
<script type="application/ld+json">
|
22
|
+
{"@type":"WebPage","headline":"Puppet Securtiy Linter","description":"Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts","url":"http://localhost:4000/404.html","@context":"https://schema.org"}</script>
|
23
|
+
<!-- End Jekyll SEO tag -->
|
24
|
+
|
25
|
+
</head>
|
26
|
+
|
27
|
+
<body>
|
28
|
+
|
29
|
+
<header>
|
30
|
+
<div class="container">
|
31
|
+
<a id="a-title" href="/">
|
32
|
+
<h1>Puppet Securtiy Linter</h1>
|
33
|
+
</a>
|
34
|
+
<h2>Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts</h2>
|
35
|
+
|
36
|
+
<section id="downloads">
|
37
|
+
|
38
|
+
<a href="https://github.com/TiagoR98/puppet-sec-lint" class="btn btn-github"><span class="icon"></span>View on GitHub</a>
|
39
|
+
</section>
|
40
|
+
</div>
|
41
|
+
</header>
|
42
|
+
|
43
|
+
<div class="container">
|
44
|
+
<section id="main_content">
|
45
|
+
<style type="text/css" media="screen">
|
46
|
+
.container {
|
47
|
+
margin: 10px auto;
|
48
|
+
max-width: 600px;
|
49
|
+
text-align: center;
|
50
|
+
}
|
51
|
+
h1 {
|
52
|
+
margin: 30px 0;
|
53
|
+
font-size: 4em;
|
54
|
+
line-height: 1;
|
55
|
+
letter-spacing: -1px;
|
56
|
+
}
|
57
|
+
</style>
|
58
|
+
|
59
|
+
<div class="container">
|
60
|
+
<h1>404</h1>
|
61
|
+
|
62
|
+
<p><strong>Page not found :(</strong></p>
|
63
|
+
<p>The requested page could not be found.</p>
|
64
|
+
</div>
|
65
|
+
|
66
|
+
</section>
|
67
|
+
</div>
|
68
|
+
|
69
|
+
|
70
|
+
</body>
|
71
|
+
</html>
|
data/docs/_site/feed.xml
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.9.0">Jekyll</generator><link href="http://localhost:4000/feed.xml" rel="self" type="application/atom+xml" /><link href="http://localhost:4000/" rel="alternate" type="text/html" /><updated>2021-05-03T22:26:18+01:00</updated><id>http://localhost:4000/feed.xml</id><title type="html">Puppet Securtiy Linter</title><subtitle>Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts</subtitle><entry><title type="html">Welcome to Jekyll!</title><link href="http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html" rel="alternate" type="text/html" title="Welcome to Jekyll!" /><published>2021-05-03T21:09:12+01:00</published><updated>2021-05-03T21:09:12+01:00</updated><id>http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll</id><content type="html" xml:base="http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html"><p>You’ll find this post in your <code class="language-plaintext highlighter-rouge">_posts</code> directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run <code class="language-plaintext highlighter-rouge">jekyll serve</code>, which launches a web server and auto-regenerates your site when a file is updated.</p>
|
2
|
+
|
3
|
+
<p>To add new posts, simply add a file in the <code class="language-plaintext highlighter-rouge">_posts</code> directory that follows the convention <code class="language-plaintext highlighter-rouge">YYYY-MM-DD-name-of-post.ext</code> and includes the necessary front matter. Take a look at the source for this post to get an idea about how it works.</p>
|
4
|
+
|
5
|
+
<p>Jekyll also offers powerful support for code snippets:</p>
|
6
|
+
|
7
|
+
<figure class="highlight"><pre><code class="language-ruby" data-lang="ruby"><span class="k">def</span> <span class="nf">print_hi</span><span class="p">(</span><span class="nb">name</span><span class="p">)</span>
|
8
|
+
<span class="nb">puts</span> <span class="s2">"Hi, </span><span class="si">#{</span><span class="nb">name</span><span class="si">}</span><span class="s2">"</span>
|
9
|
+
<span class="k">end</span>
|
10
|
+
<span class="n">print_hi</span><span class="p">(</span><span class="s1">'Tom'</span><span class="p">)</span>
|
11
|
+
<span class="c1">#=&gt; prints 'Hi, Tom' to STDOUT.</span></code></pre></figure>
|
12
|
+
|
13
|
+
<p>Check out the <a href="https://jekyllrb.com/docs/home">Jekyll docs</a> for more info on how to get the most out of Jekyll. File all bugs/feature requests at <a href="https://github.com/jekyll/jekyll">Jekyll’s GitHub repo</a>. If you have questions, you can ask them on <a href="https://talk.jekyllrb.com/">Jekyll Talk</a>.</p></content><author><name></name></author><category term="jekyll" /><category term="update" /><summary type="html">You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run jekyll serve, which launches a web server and auto-regenerates your site when a file is updated.</summary></entry></feed>
|
@@ -0,0 +1 @@
|
|
1
|
+
|
@@ -0,0 +1,77 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html lang="en-US">
|
3
|
+
<head>
|
4
|
+
<meta charset='utf-8'>
|
5
|
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
6
|
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
7
|
+
<link rel="stylesheet" href="/assets/css/style.css?v=451ab93a01ea7ba9ec933d2a6c0ad3f1555b70e0">
|
8
|
+
|
9
|
+
<!-- Begin Jekyll SEO tag v2.7.1 -->
|
10
|
+
<title>Welcome to Jekyll! | Puppet Securtiy Linter</title>
|
11
|
+
<meta name="generator" content="Jekyll v3.9.0" />
|
12
|
+
<meta property="og:title" content="Welcome to Jekyll!" />
|
13
|
+
<meta property="og:locale" content="en_US" />
|
14
|
+
<meta name="description" content="You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run jekyll serve, which launches a web server and auto-regenerates your site when a file is updated." />
|
15
|
+
<meta property="og:description" content="You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run jekyll serve, which launches a web server and auto-regenerates your site when a file is updated." />
|
16
|
+
<link rel="canonical" href="http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html" />
|
17
|
+
<meta property="og:url" content="http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html" />
|
18
|
+
<meta property="og:site_name" content="Puppet Securtiy Linter" />
|
19
|
+
<meta property="og:type" content="article" />
|
20
|
+
<meta property="article:published_time" content="2021-05-03T21:09:12+01:00" />
|
21
|
+
<meta name="twitter:card" content="summary" />
|
22
|
+
<meta property="twitter:title" content="Welcome to Jekyll!" />
|
23
|
+
<script type="application/ld+json">
|
24
|
+
{"@type":"BlogPosting","mainEntityOfPage":{"@type":"WebPage","@id":"http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html"},"headline":"Welcome to Jekyll!","dateModified":"2021-05-03T21:09:12+01:00","datePublished":"2021-05-03T21:09:12+01:00","description":"You’ll find this post in your _posts directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run jekyll serve, which launches a web server and auto-regenerates your site when a file is updated.","url":"http://localhost:4000/jekyll/update/2021/05/03/welcome-to-jekyll.html","@context":"https://schema.org"}</script>
|
25
|
+
<!-- End Jekyll SEO tag -->
|
26
|
+
|
27
|
+
</head>
|
28
|
+
|
29
|
+
<body>
|
30
|
+
|
31
|
+
<header>
|
32
|
+
<div class="container">
|
33
|
+
<a id="a-title" href="/">
|
34
|
+
<h1>Puppet Securtiy Linter</h1>
|
35
|
+
</a>
|
36
|
+
<h2>Scurity focused linter to detect and help solve vulnearbilities found on Puppet Infrastructure-as-code scripts</h2>
|
37
|
+
|
38
|
+
<section id="downloads">
|
39
|
+
|
40
|
+
<a href="https://github.com/TiagoR98/puppet-sec-lint" class="btn btn-github"><span class="icon"></span>View on GitHub</a>
|
41
|
+
</section>
|
42
|
+
</div>
|
43
|
+
</header>
|
44
|
+
|
45
|
+
<div class="container">
|
46
|
+
<section id="main_content">
|
47
|
+
<small>3 May 2021</small>
|
48
|
+
<h1>Welcome to Jekyll!</h1>
|
49
|
+
|
50
|
+
<p class="view">by </p>
|
51
|
+
|
52
|
+
<p>You’ll find this post in your <code class="language-plaintext highlighter-rouge">_posts</code> directory. Go ahead and edit it and re-build the site to see your changes. You can rebuild the site in many different ways, but the most common way is to run <code class="language-plaintext highlighter-rouge">jekyll serve</code>, which launches a web server and auto-regenerates your site when a file is updated.</p>
|
53
|
+
|
54
|
+
<p>To add new posts, simply add a file in the <code class="language-plaintext highlighter-rouge">_posts</code> directory that follows the convention <code class="language-plaintext highlighter-rouge">YYYY-MM-DD-name-of-post.ext</code> and includes the necessary front matter. Take a look at the source for this post to get an idea about how it works.</p>
|
55
|
+
|
56
|
+
<p>Jekyll also offers powerful support for code snippets:</p>
|
57
|
+
|
58
|
+
<figure class="highlight"><pre><code class="language-ruby" data-lang="ruby"><span class="k">def</span> <span class="nf">print_hi</span><span class="p">(</span><span class="nb">name</span><span class="p">)</span>
|
59
|
+
<span class="nb">puts</span> <span class="s2">"Hi, </span><span class="si">#{</span><span class="nb">name</span><span class="si">}</span><span class="s2">"</span>
|
60
|
+
<span class="k">end</span>
|
61
|
+
<span class="n">print_hi</span><span class="p">(</span><span class="s1">'Tom'</span><span class="p">)</span>
|
62
|
+
<span class="c1">#=> prints 'Hi, Tom' to STDOUT.</span></code></pre></figure>
|
63
|
+
|
64
|
+
<p>Check out the <a href="https://jekyllrb.com/docs/home">Jekyll docs</a> for more info on how to get the most out of Jekyll. File all bugs/feature requests at <a href="https://github.com/jekyll/jekyll">Jekyll’s GitHub repo</a>. If you have questions, you can ask them on <a href="https://talk.jekyllrb.com/">Jekyll Talk</a>.</p>
|
65
|
+
|
66
|
+
|
67
|
+
|
68
|
+
|
69
|
+
<small>tags: <em></em></small>
|
70
|
+
|
71
|
+
|
72
|
+
</section>
|
73
|
+
</div>
|
74
|
+
|
75
|
+
|
76
|
+
</body>
|
77
|
+
</html>
|
@@ -0,0 +1,17 @@
|
|
1
|
+
---
|
2
|
+
title: Hard Coded Credentials
|
3
|
+
permalink: /hard-coded-credentials/
|
4
|
+
---
|
5
|
+
|
6
|
+
# Hard Coded Credentials
|
7
|
+
|
8
|
+
Writing sensitive credentials on puppet scripts can expose them to malicious actors who can obtain access to these files.
|
9
|
+
|
10
|
+
## Example
|
11
|
+
|
12
|
+
```puppet
|
13
|
+
class example::service (
|
14
|
+
$username = "user1",
|
15
|
+
$passsword = "amind1234"
|
16
|
+
)
|
17
|
+
```
|
Binary file
|
Binary file
|
data/docs/index.md
ADDED
data/exe/puppet-sec-lint
CHANGED
@@ -2,34 +2,100 @@
|
|
2
2
|
|
3
3
|
require_relative '../lib/rule_engine'
|
4
4
|
require 'json'
|
5
|
+
require 'launchy'
|
5
6
|
require 'optparse'
|
6
7
|
require 'optparse/uri'
|
8
|
+
require_relative '../lib/puppet-sec-lint/version'
|
7
9
|
require_relative '../lib/visitors/configuration_visitor'
|
8
10
|
require_relative '../lib/facades/configuration_file_facade'
|
9
|
-
|
11
|
+
|
12
|
+
#get free port
|
13
|
+
loop do
|
14
|
+
$port = rand(3000..9999)
|
15
|
+
break if (Socket.tcp('localhost', port, connect_timeout: 5) { false } rescue true)
|
16
|
+
end
|
17
|
+
|
18
|
+
conf_page_url = "http://localhost:#{$port}/configuration"
|
10
19
|
|
11
20
|
options = {}
|
21
|
+
@success = true
|
22
|
+
|
23
|
+
def analyze_file(file_path)
|
24
|
+
File.open(file_path, 'rb:UTF-8') do |f|
|
25
|
+
puts "Analyzing the file #{File.basename(file_path)}...\n\n"
|
26
|
+
|
27
|
+
code = f.read
|
28
|
+
result = RuleEngine.analyzeDocument(code)
|
29
|
+
|
30
|
+
result.each do |sin|
|
31
|
+
puts sin.ToString
|
32
|
+
@success = false
|
33
|
+
end
|
34
|
+
|
35
|
+
puts "\nFound #{result.length} vulnerabilities in the puppet code.\n"
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
12
39
|
OptionParser.new do |opts|
|
13
|
-
opts.banner = "Usage: puppet-sec-lint [options]"
|
40
|
+
opts.banner = "Usage: puppet-sec-lint [file or directory] [options]"
|
41
|
+
|
42
|
+
opts.on("-c", "--configurations", "Open the linter rules configurations page on a browser") do |v|
|
43
|
+
options[:configurations] = v
|
44
|
+
end
|
14
45
|
|
15
|
-
opts.on("-
|
16
|
-
options[:
|
46
|
+
opts.on("-p", "--port=PORT", "TCP Port open for socket communication with the language server (Default:5007)") do |port|
|
47
|
+
options[:port] = port
|
17
48
|
end
|
18
49
|
end.parse!
|
19
50
|
|
20
|
-
|
21
|
-
|
22
|
-
|
51
|
+
puts '___ _ _ ___ ___ ____ ___ ____ ____ ____ _ _ ____ _ ___ _ _ _ _ _ _ ___ ____ ____ '
|
52
|
+
puts '|__] | | |__] |__] |___ | [__ |___ | | | |__/ | | \_/ | | |\ | | |___ |__/ '
|
53
|
+
puts '| |__| | | |___ | ___] |___ |___ |__| | \ | | | |___ | | \| | |___ | \ '
|
54
|
+
|
55
|
+
puts "\n"
|
56
|
+
|
57
|
+
puts "Release v#{PuppetSecLint::VERSION} #{PuppetSecLint::AUTHOR} #{PuppetSecLint::YEAR}"
|
23
58
|
|
24
|
-
|
25
|
-
ConfigurationFileFacade.LoadConfigurations
|
59
|
+
puts "\n"
|
26
60
|
|
27
|
-
|
28
|
-
|
61
|
+
if not ARGV[0].nil?
|
62
|
+
if File.file?(ARGV[0].to_s) && File.extname(ARGV[0].to_s) == '.pp'
|
63
|
+
analyze_file(ARGV[0].to_s)
|
64
|
+
elsif File.directory?(ARGV[0].to_s)
|
65
|
+
Dir.chdir(ARGV[0].to_s)
|
66
|
+
files = Dir.glob("**/*.pp").map {|f| File.join(Dir.pwd,f) }
|
67
|
+
|
68
|
+
files.each do |file_path|
|
69
|
+
analyze_file(file_path)
|
70
|
+
puts "\n"
|
71
|
+
end
|
72
|
+
else
|
73
|
+
raise "#{ARGV[0].to_s} is neither a valid directory or puppet file"
|
74
|
+
end
|
75
|
+
end
|
29
76
|
|
30
|
-
|
77
|
+
if ARGV[0].nil? || options[:configurations]
|
78
|
+
linter_server = Thread.new {
|
79
|
+
require_relative '../lib/servers/linter_server'
|
80
|
+
LinterServer.start($port)
|
81
|
+
}
|
82
|
+
language_server = Thread.new {
|
83
|
+
require_relative '../lib/servers/language_server'
|
84
|
+
LanguageServer.start(options[:port])
|
85
|
+
}
|
31
86
|
|
32
|
-
|
33
|
-
puts
|
87
|
+
if options[:configurations]
|
88
|
+
puts "\nLaunching configurations page at #{conf_page_url}...\n\n"
|
89
|
+
Launchy.open(conf_page_url)
|
90
|
+
else
|
91
|
+
puts "\nLinter configurations page available at #{conf_page_url}\n\n"
|
92
|
+
puts "-----------------------------------------------------------------------"
|
34
93
|
end
|
35
|
-
|
94
|
+
|
95
|
+
linter_server.join
|
96
|
+
language_server.exit
|
97
|
+
end
|
98
|
+
|
99
|
+
exit(@success)
|
100
|
+
|
101
|
+
|
data/file.pp
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
# the following code addresses the bug: https://bugs.launchpad.net/keystone/+bug/1472285 .
|
2
|
+
|
3
|
+
class consul_template::service (
|
4
|
+
$pass = lols(3),
|
5
|
+
$aijoijooiumihhn_password = 'pe-puppet'
|
6
|
+
$admin = 'ceisssesrelometer',
|
7
|
+
$aijoijooiumihhn_password = '(adiyu(guygmin',
|
8
|
+
) {
|
9
|
+
exec { 'network-restart':
|
10
|
+
command => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM release-runner key',
|
11
|
+
path => '/usr/bin:/usr/sbin:/bin:/sbin',
|
12
|
+
refreshonly => true,
|
13
|
+
vmware_md5 => 'LOL',
|
14
|
+
autho => 'MDi09i09i5',
|
15
|
+
cmd => 'virsh secret-define --file ${secret_xml} && virsh secret-set-value --secret ${rbd_secret_uuid} --base64 $(ceph auth get-key client.${user})',
|
16
|
+
$auth_uri => 'http://127.0.0.1:5000',
|
17
|
+
address => '0.0.0.0',
|
18
|
+
user = 'admin',
|
19
|
+
password => '',
|
20
|
+
}
|
21
|
+
case $::osfamily {
|
22
|
+
'RedHat': {
|
23
|
+
exec { 'upload-img':
|
24
|
+
command => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} add name=${img_name} is_public=${public} container_format=${container_format} disk_format=${disk_format} distro=${os_name} < /opt/vm/cirros-x86_64-disk.img",
|
25
|
+
unless => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index && (/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index | grep ${img_name})",
|
26
|
+
|
27
|
+
}
|
28
|
+
}
|
29
|
+
'Debian': {
|
30
|
+
exec { 'upload-img':
|
31
|
+
command => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} add name=${img_name} is_public=${public} container_format=${container_format} disk_format=${disk_format} distro=${os_name} < /usr/share/cirros-testvm/cirros-x86_64-disk.img",
|
32
|
+
unless => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index && (/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index | grep ${img_name})",
|
33
|
+
key => "E8CC67053ED3B199",
|
34
|
+
key_content => '-----BEGIN PGP PUBLIC KEY BLOCK-----
|
35
|
+
Version: GnuPG v1.4.11 (GNU/Linux)
|
36
|
+
|
37
|
+
mQENBE/oXVkBCACcjAcV7lRGskECEHovgZ6a2robpBroQBW+tJds7B+qn/DslOAN
|
38
|
+
1hm0UuGQsi8pNzHDE29FMO3yOhmkenDd1V/T6tHNXqhHvf55nL6anlzwMmq3syIS
|
39
|
+
uqVjeMMXbZ4d+Rh0K/rI4TyRbUiI2DDLP+6wYeh1pTPwrleHm5FXBMDbU/OZ5vKZ
|
40
|
+
67j99GaARYxHp8W/be8KRSoV9wU1WXr4+GA6K7ENe2A8PT+jH79Sr4kF4uKC3VxD
|
41
|
+
BF5Z0yaLqr+1V2pHU3AfmybOCmoPYviOqpwj3FQ2PhtObLs+hq7zCviDTX2IxHBb
|
42
|
+
Q3mGsD8wS9uyZcHN77maAzZlL5G794DEr1NLABEBAAG0NU9wZW5TdGFja0BDaXNj
|
43
|
+
byBBUFQgcmVwbyA8b3BlbnN0YWNrLWJ1aWxkZEBjaXNjby5jb20+iQE4BBMBAgAi
|
44
|
+
BQJP6F1ZAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDozGcFPtOxmXcK
|
45
|
+
B/9WvQrBwxmIMV2M+VMBhQqtipvJeDX2Uv34Ytpsg2jldl0TS8XheGlUNZ5djxDy
|
46
|
+
u3X0hKwRLeOppV09GVO3wGizNCV1EJjqQbCMkq6VSJjD1B/6Tg+3M/XmNaKHK3Op
|
47
|
+
zSi+35OQ6xXc38DUOrigaCZUU40nGQeYUMRYzI+d3pPlNd0+nLndrE4rNNFB91dM
|
48
|
+
BTeoyQMWd6tpTwz5MAi+I11tCIQAPCSG1qR52R3bog/0PlJzilxjkdShl1Cj0RmX
|
49
|
+
7bHIMD66uC1FKCpbRaiPR8XmTPLv29ZTk1ABBzoynZyFDfliRwQi6TS20TuEj+ZH
|
50
|
+
xq/T6MM6+rpdBVz62ek6/KBcuQENBE/oXVkBCACgzyyGvvHLx7g/Rpys1WdevYMH
|
51
|
+
THBS24RMaDHqg7H7xe0fFzmiblWjV8V4Yy+heLLV5nTYBQLS43MFvFbnFvB3ygDI
|
52
|
+
IdVjLVDXcPfcp+Np2PE8cJuDEE4seGU26UoJ2pPK/IHbnmGWYwXJBbik9YepD61c
|
53
|
+
NJ5XMzMYI5z9/YNupeJoy8/8uxdxI/B66PL9QN8wKBk5js2OX8TtEjmEZSrZrIuM
|
54
|
+
rVVXRU/1m732lhIyVVws4StRkpG+D15Dp98yDGjbCRREzZPeKHpvO/Uhn23hVyHe
|
55
|
+
PIc+bu1mXMQ+N/3UjXtfUg27hmmgBDAjxUeSb1moFpeqLys2AAY+yXiHDv57ABEB
|
56
|
+
AAGJAR8EGAECAAkFAk/oXVkCGwwACgkQ6MxnBT7TsZng+AgAnFogD90f3ByTVlNp
|
57
|
+
Sb+HHd/cPqZ83RB9XUxRRnkIQmOozUjw8nq8I8eTT4t0Sa8G9q1fl14tXIJ9szzz
|
58
|
+
BUIYyda/RYZszL9rHhucSfFIkpnp7ddfE9NDlnZUvavnnyRsWpIZa6hJq8hQEp92
|
59
|
+
IQBF6R7wOws0A0oUmME25Rzam9qVbywOh9ZQvzYPpFaEmmjpCRDxJLB1DYu8lnC4
|
60
|
+
h1jP1GXFUIQDbcznrR2MQDy5fNt678HcIqMwVp2CJz/2jrZlbSKfMckdpbiWNns/
|
61
|
+
xKyLYs5m34d4a0it6wsMem3YCefSYBjyLGSd/kCI/CgOdGN1ZY1HSdLmmjiDkQPQ
|
62
|
+
UcXHbA==
|
63
|
+
=v6jg
|
64
|
+
-----END PGP PUBLIC KEY BLOCK-----',
|
65
|
+
|
66
|
+
}
|
67
|
+
}
|
68
|
+
}
|
69
|
+
file { '/var/lib/gerrit/.ssh/id_rsa' :
|
70
|
+
owner => 'gerrit',
|
71
|
+
group => 'gerrit',
|
72
|
+
mode => '0600',
|
73
|
+
content => $ssh_replication_rsa_key_contents,
|
74
|
+
replace => true,
|
75
|
+
require => File['/var/lib/gerrit/.ssh']
|
76
|
+
}
|
77
|
+
}
|