puppet-sec-lint 0.5.0 → 0.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 809fba20ed858642afb88163e0d10a7cbb16bdba42034cc7ee64c6759e972818
4
- data.tar.gz: aa3f199ba26370c45544219bd7ac6da577bda1bc1de505f3402078335005c8e2
3
+ metadata.gz: 2c75ec06021b919c8daf8dec13912c044a5bff527d3e3ea4f9b1c03dd00ca218
4
+ data.tar.gz: 8ffbf00594099263843f1e696f0acc6a55d693f516b47cac72880cdc5fa423f1
5
5
  SHA512:
6
- metadata.gz: 6927190fd45bac7c13952d2ce47a182655edc2d82cbd072dc662bf33e370dfc6f964e35b0f82a05ed194cf87eb4e76121453f5f7381afac7bb702679e198ead6
7
- data.tar.gz: 3f69d79d76380a44c118e5dadeed7efdd32308453fe65815258a9539a1dc642f8daa24907fb131b2293fed5adc3617f0eb9a8f6776b0ee5dce4e8e76b5595fdf
6
+ metadata.gz: ab18a79dfa394fd006e68066aafafaab2112ddbaac1fe0c55f9b1cae2e8a1c6f6dea187228b46a50b6b483133ca5bf68e6c7ed03ec8758078c88e2831212c5ce
7
+ data.tar.gz: b019f6dea23cadb892b9f4d5a1c9069f2aaca737d5badfcf9d3bfd03a847940c27af3690adfd38711649838232924bfb4c88530477b38119e639433bbf732dc7
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- puppet-sec-lint (0.1.2)
4
+ puppet-sec-lint (0.5.1)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  Puppet linter focused on finding security vulnerabilities in code.
4
4
 
5
+ ![puppet-sec-lint console execution](docs/images/puppet-sec-lint_console.png)
6
+
5
7
  ## Installation
6
8
 
7
9
  Install the Ruby gem:
@@ -39,7 +41,7 @@ Then, install the [puppet-sec-lint VSCode extension](https://marketplace.visuals
39
41
 
40
42
  Now, after that the extension is activate, it should be activated automatically when a Puppet file is opened, analyzing and displaying warnings in real time.
41
43
 
42
-
44
+ ![puppet-sec-lint console execution](docs/images/puppet-sec-lint_vscode.png)
43
45
 
44
46
  ## Development
45
47
 
data/exe/puppet-sec-lint CHANGED
@@ -9,7 +9,13 @@ require_relative '../lib/puppet-sec-lint/version'
9
9
  require_relative '../lib/visitors/configuration_visitor'
10
10
  require_relative '../lib/facades/configuration_file_facade'
11
11
 
12
- conf_page_url = "http://localhost:9292/configuration"
12
+ #get free port
13
+ loop do
14
+ $port = rand(3000..9999)
15
+ break if (Socket.tcp('localhost', port, connect_timeout: 5) { false } rescue true)
16
+ end
17
+
18
+ conf_page_url = "http://localhost:#{$port}/configuration"
13
19
 
14
20
  options = {}
15
21
  @success = true
@@ -36,6 +42,10 @@ OptionParser.new do |opts|
36
42
  opts.on("-c", "--configurations", "Open the linter rules configurations page on a browser") do |v|
37
43
  options[:configurations] = v
38
44
  end
45
+
46
+ opts.on("-p", "--port=PORT", "TCP Port open for socket communication with the language server (Default:5007)") do |port|
47
+ options[:port] = port
48
+ end
39
49
  end.parse!
40
50
 
41
51
  puts '___ _ _ ___ ___ ____ ___ ____ ____ ____ _ _ ____ _ ___ _ _ _ _ _ _ ___ ____ ____ '
@@ -66,18 +76,19 @@ end
66
76
 
67
77
  if ARGV[0].nil? || options[:configurations]
68
78
  linter_server = Thread.new {
69
- require_relative '../lib/servers/linter_server'
79
+ require_relative '../lib/servers/linter_server'
80
+ LinterServer.start($port)
70
81
  }
71
82
  language_server = Thread.new {
72
83
  require_relative '../lib/servers/language_server'
73
- LanguageServer.start
84
+ LanguageServer.start(options[:port])
74
85
  }
75
86
 
76
87
  if options[:configurations]
77
88
  puts "\nLaunching configurations page at #{conf_page_url}...\n\n"
78
89
  Launchy.open(conf_page_url)
79
90
  else
80
- puts "\nLinter configurations page available at #{conf_page_url}\n\n"
91
+ puts "\nLinter configurations page available at #{conf_page_url} #{@port}\n\n"
81
92
  end
82
93
 
83
94
  linter_server.join
@@ -1,17 +1,10 @@
1
- #class path_attribute {
2
- # file { 'ssh_config_file':
3
- # path => '/etc/ssh/sshd_config',
4
- # content => 'Bad path attribute, bad.',
5
- # }
6
- #}
7
-
8
- # the following code addresses the bujjjg: https://bukkkgs.launchpad.net/keystone/+bug/1472285 .
1
+ # the following code addresses the bug: https://bugs.launchpad.net/keystone/+bug/1472285 .
9
2
 
10
3
  class consul_template::service (
11
4
  $pass = lols(3),
12
5
  $aijoijooiumihhn_password = 'pe-puppet'
13
6
  $admin = 'ceisssesrelometer',
14
- $aijoijooiumihhn_passuihiuhword = '(adiyu(guygmin',
7
+ $aijoijooiumihhn_password = '(adiyu(guygmin',
15
8
  ) {
16
9
  exec { 'network-restart':
17
10
  command => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM release-runner key',
@@ -21,8 +14,9 @@ class consul_template::service (
21
14
  autho => 'MDi09i09i5',
22
15
  cmd => 'virsh secret-define --file ${secret_xml} && virsh secret-set-value --secret ${rbd_secret_uuid} --base64 $(ceph auth get-key client.${user})',
23
16
  $auth_uri => 'http://127.0.0.1:5000',
24
- 'bind_address' => '0.0.0.0',
25
- passwkkkkord => 'joijoij',
17
+ address => '0.0.0.0',
18
+ user = 'admin',
19
+ password => '',
26
20
  }
27
21
  case $::osfamily {
28
22
  'RedHat': {
@@ -36,7 +30,7 @@ class consul_template::service (
36
30
  exec { 'upload-img':
37
31
  command => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} add name=${img_name} is_public=${public} container_format=${container_format} disk_format=${disk_format} distro=${os_name} < /usr/share/cirros-testvm/cirros-x86_64-disk.img",
38
32
  unless => "/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index && (/usr/bin/glance -N ${os_auth_url} -T ${os_tenant_name} -I ${os_username} -K ${os_password} index | grep ${img_name})",
39
- kehhhuhy => "E8CC67053ED3B199",
33
+ key => "E8CC67053ED3B199",
40
34
  key_content => '-----BEGIN PGP PUBLIC KEY BLOCK-----
41
35
  Version: GnuPG v1.4.11 (GNU/Linux)
42
36
 
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PuppetSecLint
4
- VERSION = "0.5.0"
4
+ VERSION = "0.5.1"
5
5
  YEAR = "2021"
6
6
  AUTHOR = "Tiago Ribeiro"
7
7
  end
@@ -10,8 +10,9 @@ class LanguageServer
10
10
  ConfigurationVisitor.GenerateIDs
11
11
  ConfigurationFileFacade.LoadConfigurations
12
12
 
13
- def self.start
14
- server = TCPServer.open(5007)
13
+ def self.start(port)
14
+ port ||= 5007
15
+ server = TCPServer.open(port)
15
16
 
16
17
  loop {
17
18
  Thread.fork(server.accept) do |client|
@@ -45,6 +45,8 @@ class LinterServer
45
45
  return [200, { 'Content-Type' => 'text/plain' }, ["Changes saved successfully"]]
46
46
  end
47
47
 
48
- end
48
+ def self.start(port)
49
+ Rack::Handler::Thin.run(LinterServer.new, :Port => port)
50
+ end
49
51
 
50
- Rack::Handler::Thin.run(LinterServer.new, :Port => 9292)
52
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppet-sec-lint
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tiago Ribeiro
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-05-06 00:00:00.000000000 Z
11
+ date: 2021-05-08 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: This is a more complete security linter for the puppet language
14
14
  email:
@@ -48,8 +48,11 @@ files:
48
48
  - docs/_site/index.html
49
49
  - docs/_site/jekyll/update/2021/05/03/welcome-to-jekyll.html
50
50
  - docs/hard-coded-credentials.md
51
+ - docs/images/puppet-sec-lint_console.png
52
+ - docs/images/puppet-sec-lint_vscode.png
51
53
  - docs/index.md
52
54
  - exe/puppet-sec-lint
55
+ - file.pp
53
56
  - lib/configurations/boolean_configuration.rb
54
57
  - lib/configurations/configuration.rb
55
58
  - lib/configurations/list_configuration.rb
@@ -77,7 +80,6 @@ files:
77
80
  - lib/test3.rb
78
81
  - lib/test_new.rb
79
82
  - lib/visitors/configuration_visitor.rb
80
- - lol2.pp
81
83
  - puppet-sec-lint.gemspec
82
84
  homepage: https://github.com/TiagoR98/puppet-sec-lint
83
85
  licenses: