puppet-sec-lint 0.5.0 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 809fba20ed858642afb88163e0d10a7cbb16bdba42034cc7ee64c6759e972818
-  data.tar.gz: aa3f199ba26370c45544219bd7ac6da577bda1bc1de505f3402078335005c8e2
+  metadata.gz: 2c75ec06021b919c8daf8dec13912c044a5bff527d3e3ea4f9b1c03dd00ca218
+  data.tar.gz: 8ffbf00594099263843f1e696f0acc6a55d693f516b47cac72880cdc5fa423f1
 SHA512:
-  metadata.gz: 6927190fd45bac7c13952d2ce47a182655edc2d82cbd072dc662bf33e370dfc6f964e35b0f82a05ed194cf87eb4e76121453f5f7381afac7bb702679e198ead6
-  data.tar.gz: 3f69d79d76380a44c118e5dadeed7efdd32308453fe65815258a9539a1dc642f8daa24907fb131b2293fed5adc3617f0eb9a8f6776b0ee5dce4e8e76b5595fdf
+  metadata.gz: ab18a79dfa394fd006e68066aafafaab2112ddbaac1fe0c55f9b1cae2e8a1c6f6dea187228b46a50b6b483133ca5bf68e6c7ed03ec8758078c88e2831212c5ce
+  data.tar.gz: b019f6dea23cadb892b9f4d5a1c9069f2aaca737d5badfcf9d3bfd03a847940c27af3690adfd38711649838232924bfb4c88530477b38119e639433bbf732dc7

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    puppet-sec-lint (0.1.2)
+    puppet-sec-lint (0.5.1)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -2,6 +2,8 @@
 
 Puppet linter focused on finding security vulnerabilities in code.
 
+![puppet-sec-lint console execution](docs/images/puppet-sec-lint_console.png)
+
 ## Installation
 
 Install the Ruby gem:
@@ -39,7 +41,7 @@ Then, install the [puppet-sec-lint VSCode extension](https://marketplace.visuals
 
 Now, after that the extension is activate, it should be activated automatically when a Puppet file is opened, analyzing and displaying warnings in real time.
 
-
+![puppet-sec-lint console execution](docs/images/puppet-sec-lint_vscode.png)
 
 ## Development
 

data/exe/puppet-sec-lint

@@ -9,7 +9,13 @@ require_relative '../lib/puppet-sec-lint/version'
 require_relative '../lib/visitors/configuration_visitor'
 require_relative '../lib/facades/configuration_file_facade'
 
-conf_page_url = "http://localhost:9292/configuration"
+#get free port
+loop do
+  $port = rand(3000..9999)
+  break if (Socket.tcp('localhost', port, connect_timeout: 5) { false } rescue true)
+end
+
+conf_page_url = "http://localhost:#{$port}/configuration"
 
 options = {}
 @success = true
@@ -36,6 +42,10 @@ OptionParser.new do |opts|
   opts.on("-c", "--configurations", "Open the linter rules configurations page on a browser") do |v|
     options[:configurations] = v
   end
+
+  opts.on("-p", "--port=PORT", "TCP Port open for socket communication with the language server (Default:5007)") do |port|
+    options[:port] = port
+  end
 end.parse!
 
 puts '___  _  _ ___  ___  ____ ___    ____ ____ ____ _  _ ____ _ ___ _   _    _    _ _  _ ___ ____ ____ '
@@ -66,18 +76,19 @@ end
 
 if ARGV[0].nil? || options[:configurations]
   linter_server = Thread.new {
-  require_relative '../lib/servers/linter_server'
+    require_relative '../lib/servers/linter_server'
+    LinterServer.start($port)
   }
   language_server = Thread.new {
     require_relative '../lib/servers/language_server'
-    LanguageServer.start
+    LanguageServer.start(options[:port])
     }
 
   if options[:configurations]
     puts "\nLaunching configurations page at #{conf_page_url}...\n\n"
     Launchy.open(conf_page_url)
   else
-    puts "\nLinter configurations page available at #{conf_page_url}\n\n"
+    puts "\nLinter configurations page available at #{conf_page_url} #{@port}\n\n"
   end
 
   linter_server.join

data/{lol2.pp → file.pp}

@@ -1,17 +1,10 @@
-#class path_attribute {
-#  file { 'ssh_config_file':
-#    path    => '/etc/ssh/sshd_config',
-#    content => 'Bad path attribute, bad.',
-#  }
-#}
-
-# the following code addresses the bujjjg: https://bukkkgs.launchpad.net/keystone/+bug/1472285 .
+# the following code addresses the bug: https://bugs.launchpad.net/keystone/+bug/1472285 .
 
 class consul_template::service (
     $pass                   = lols(3),
     $aijoijooiumihhn_password = 'pe-puppet'
     $admin       = 'ceisssesrelometer',
-    $aijoijooiumihhn_passuihiuhword = '(adiyu(guygmin',
+    $aijoijooiumihhn_password = '(adiyu(guygmin',
   ) {
   exec { 'network-restart':
     command        => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM release-runner key',
@@ -21,8 +14,9 @@ class consul_template::service (
     autho          => 'MDi09i09i5',
     cmd            => 'virsh secret-define --file ${secret_xml} && virsh secret-set-value --secret ${rbd_secret_uuid} --base64 $(ceph auth get-key client.${user})',
     $auth_uri      => 'http://127.0.0.1:5000',
-    'bind_address' => '0.0.0.0',
-    passwkkkkord       => 'joijoij',
+    address => '0.0.0.0',
+    user = 'admin',
+    password       => '',
   }
   case $::osfamily {
     'RedHat': {
@@ -36,7 +30,7 @@ class consul_template::service (
     exec { 'upload-img':
       command => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} add name=${img_name} is_public=${public} container_format=${container_format} disk_format=${disk_format} distro=${os_name} < /usr/share/cirros-testvm/cirros-x86_64-disk.img",
       unless => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index && (/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index | grep ${img_name})",
-      kehhhuhy => "E8CC67053ED3B199",
+      key => "E8CC67053ED3B199",
       key_content => '-----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 

data/lib/puppet-sec-lint/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module PuppetSecLint
-  VERSION = "0.5.0"
+  VERSION = "0.5.1"
   YEAR = "2021"
   AUTHOR = "Tiago Ribeiro"
 end

data/lib/servers/language_server.rb

@@ -10,8 +10,9 @@ class LanguageServer
   ConfigurationVisitor.GenerateIDs
   ConfigurationFileFacade.LoadConfigurations
 
-  def self.start
-    server = TCPServer.open(5007)
+  def self.start(port)
+    port ||= 5007
+    server = TCPServer.open(port)
 
     loop {
       Thread.fork(server.accept) do |client|

data/lib/servers/linter_server.rb

@@ -45,6 +45,8 @@ class LinterServer
     return [200, { 'Content-Type' => 'text/plain' }, ["Changes saved successfully"]]
   end
 
-end
+  def self.start(port)
+    Rack::Handler::Thin.run(LinterServer.new, :Port => port)
+  end
 
-Rack::Handler::Thin.run(LinterServer.new, :Port => 9292)
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppet-sec-lint
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors:
 - Tiago Ribeiro
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-05-06 00:00:00.000000000 Z
+date: 2021-05-08 00:00:00.000000000 Z
 dependencies: []
 description: This is a more complete security linter for the puppet language
 email:
@@ -48,8 +48,11 @@ files:
 - docs/_site/index.html
 - docs/_site/jekyll/update/2021/05/03/welcome-to-jekyll.html
 - docs/hard-coded-credentials.md
+- docs/images/puppet-sec-lint_console.png
+- docs/images/puppet-sec-lint_vscode.png
 - docs/index.md
 - exe/puppet-sec-lint
+- file.pp
 - lib/configurations/boolean_configuration.rb
 - lib/configurations/configuration.rb
 - lib/configurations/list_configuration.rb
@@ -77,7 +80,6 @@ files:
 - lib/test3.rb
 - lib/test_new.rb
 - lib/visitors/configuration_visitor.rb
-- lol2.pp
 - puppet-sec-lint.gemspec
 homepage: https://github.com/TiagoR98/puppet-sec-lint
 licenses: