simp-beaker-helpers 1.18.2 → 1.18.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +25 -0
- data/lib/simp/beaker_helpers.rb +17 -23
- data/lib/simp/beaker_helpers/inspec.rb +1 -1
- data/lib/simp/beaker_helpers/snapshot.rb +3 -5
- data/lib/simp/beaker_helpers/ssg.rb +35 -0
- data/lib/simp/beaker_helpers/version.rb +1 -1
- data/spec/acceptance/suites/snapshot/00_snapshot_test_spec.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7c9e3aa05ef72a88b5b47a58fd135b79f0e18f1c8904e54d20b8795f168e163a
|
|
4
|
+
data.tar.gz: 44ebf1aa2489a831fa8b9477888a0122d3a44a0a92f175c4a5cd7ce5093eeede
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a3ccf798229dbc16ed9aceac1b9e21992b35ca23ede613343037bcb0143ab5f9785dcfe797a98d8764f83c5c85bd6e84116f2c5efd842d885905b9c2da4baac7
|
|
7
|
+
data.tar.gz: 26a69f5aa235c6074788d7103cedde8abba88df6216eb8b347456d64e488047b68aa3754d2a86f8f9b7533977d5037e37939f3a471277377ca9ca537cee789af
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,28 @@
|
|
|
1
|
+
### 1.18.7 / 2020-07-07
|
|
2
|
+
* Fix host reference bug when switching to FIPS mode
|
|
3
|
+
* Ensure that net-ssh 6+ can access older FIPS systems
|
|
4
|
+
|
|
5
|
+
### 1.18.6 / 2020-06-24
|
|
6
|
+
* Fix Vagrant snapshot issues
|
|
7
|
+
|
|
8
|
+
### 1.18.5 / 2020-06-24
|
|
9
|
+
* Allow Vagrant to connect to EL8+ hosts in FIPS mode
|
|
10
|
+
* Add EL8 support to the SSG scans
|
|
11
|
+
|
|
12
|
+
### 1.18.4 / 2020-03-31
|
|
13
|
+
* Fix capturing error messages when inspec fails to generate results
|
|
14
|
+
|
|
15
|
+
### 1.18.3 / 2020-02-24
|
|
16
|
+
* Fix the Windows library loading location.
|
|
17
|
+
* No longer attempt to load windows libraries by default unless the system is
|
|
18
|
+
actually Windows
|
|
19
|
+
|
|
20
|
+
### 1.18.2 / 2020-02-24
|
|
21
|
+
|
|
22
|
+
* The previous location for loading the Windows libraries would not work in a
|
|
23
|
+
`:before` block. This moves it into its own module space.
|
|
24
|
+
* Bump to the working version of beaker and beaker-puppet
|
|
25
|
+
|
|
1
26
|
### 1.18.1 / 2020-02-12
|
|
2
27
|
* Fix gemspec dependencies
|
|
3
28
|
* Fix the windows library loading location
|
data/lib/simp/beaker_helpers.rb
CHANGED
|
@@ -11,7 +11,6 @@ module Simp::BeakerHelpers
|
|
|
11
11
|
require 'simp/beaker_helpers/snapshot'
|
|
12
12
|
require 'simp/beaker_helpers/ssg'
|
|
13
13
|
require 'simp/beaker_helpers/version'
|
|
14
|
-
require 'simp/beaker_helpers/windows'
|
|
15
14
|
|
|
16
15
|
# Stealing this from the Ruby 2.5 Dir::Tmpname workaround from Rails
|
|
17
16
|
def self.tmpname
|
|
@@ -19,26 +18,8 @@ module Simp::BeakerHelpers
|
|
|
19
18
|
"simp-beaker-helpers-#{t}-#{$$}-#{rand(0x100000000).to_s(36)}.tmp"
|
|
20
19
|
end
|
|
21
20
|
|
|
22
|
-
def load_windows_requirements
|
|
23
|
-
if is_windows
|
|
24
|
-
begin
|
|
25
|
-
require 'beaker-windows'
|
|
26
|
-
rescue LoadError
|
|
27
|
-
logger.error(%{You must include 'beaker-windows' in your Gemfile for windows support on #{host}})
|
|
28
|
-
exit 1
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
include BeakerWindows::Path
|
|
32
|
-
include BeakerWindows::Powershell
|
|
33
|
-
include BeakerWindows::Registry
|
|
34
|
-
include BeakerWindows::WindowsFeature
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
return is_windows
|
|
38
|
-
end
|
|
39
|
-
|
|
40
21
|
def is_windows?(sut)
|
|
41
|
-
|
|
22
|
+
sut[:platform] =~ /windows/i
|
|
42
23
|
end
|
|
43
24
|
|
|
44
25
|
# We can't cache this because it may change during a run
|
|
@@ -299,7 +280,7 @@ module Simp::BeakerHelpers
|
|
|
299
280
|
parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
|
|
300
281
|
|
|
301
282
|
block_on(suts, :run_in_parallel => parallel) do |sut|
|
|
302
|
-
if sut
|
|
283
|
+
if is_windows?(sut)
|
|
303
284
|
puts " -- SKIPPING #{sut} because it is windows"
|
|
304
285
|
next
|
|
305
286
|
end
|
|
@@ -316,7 +297,7 @@ module Simp::BeakerHelpers
|
|
|
316
297
|
# TODO Use simp-ssh Puppet module appropriately (i.e., in a fashion
|
|
317
298
|
# that doesn't break vagrant access and is appropriate for
|
|
318
299
|
# typical module tests.)
|
|
319
|
-
fips_ssh_ciphers = [ 'aes256-
|
|
300
|
+
fips_ssh_ciphers = [ 'aes256-ctr','aes192-ctr','aes128-ctr']
|
|
320
301
|
on(sut, %(sed -i '/Ciphers /d' /etc/ssh/sshd_config))
|
|
321
302
|
on(sut, %(echo 'Ciphers #{fips_ssh_ciphers.join(',')}' >> /etc/ssh/sshd_config))
|
|
322
303
|
|
|
@@ -346,6 +327,16 @@ module Simp::BeakerHelpers
|
|
|
346
327
|
|
|
347
328
|
# Enable FIPS and then reboot to finish.
|
|
348
329
|
on(sut, %(puppet apply --verbose #{fips_enable_modulepath} -e "class { 'fips': enabled => true }"))
|
|
330
|
+
|
|
331
|
+
# Work around Vagrant and cipher restrictions in EL8+
|
|
332
|
+
#
|
|
333
|
+
# Hopefully, Vagrant will update the used ciphers at some point but who
|
|
334
|
+
# knows when that will be
|
|
335
|
+
opensshserver_config = '/etc/crypto-policies/back-ends/opensshserver.config'
|
|
336
|
+
if file_exists_on(sut, opensshserver_config)
|
|
337
|
+
on(sut, "sed --follow-symlinks -i 's/PubkeyAcceptedKeyTypes=/PubkeyAcceptedKeyTypes=ssh-rsa,/' #{opensshserver_config}")
|
|
338
|
+
end
|
|
339
|
+
|
|
349
340
|
sut.reboot
|
|
350
341
|
end
|
|
351
342
|
end
|
|
@@ -625,7 +616,10 @@ module Simp::BeakerHelpers
|
|
|
625
616
|
def fix_errata_on( suts = hosts )
|
|
626
617
|
parallel = (ENV['BEAKER_SIMP_parallel'] == 'yes')
|
|
627
618
|
block_on(suts, :run_in_parallel => parallel) do |sut|
|
|
628
|
-
if sut
|
|
619
|
+
if is_windows?(sut)
|
|
620
|
+
# Load the Windows requirements
|
|
621
|
+
require 'simp/beaker_helpers/windows'
|
|
622
|
+
|
|
629
623
|
# Install the necessary windows certificate for testing
|
|
630
624
|
#
|
|
631
625
|
# https://petersouter.xyz/testing-windows-with-beaker-without-cygwin/
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module Simp::BeakerHelpers
|
|
2
|
-
# Helpers for
|
|
2
|
+
# Helpers for managing Vagrant snapshots
|
|
3
3
|
class Snapshot
|
|
4
4
|
# The name of the base snapshot that is created if no snapshots currently exist
|
|
5
5
|
BASE_NAME = '_simp_beaker_base'
|
|
@@ -18,9 +18,7 @@ module Simp::BeakerHelpers
|
|
|
18
18
|
|
|
19
19
|
if vdir
|
|
20
20
|
Dir.chdir(vdir) do
|
|
21
|
-
unless exist?(host, BASE_NAME)
|
|
22
|
-
save(host, BASE_NAME)
|
|
23
|
-
end
|
|
21
|
+
save(host, BASE_NAME) unless exist?(host, BASE_NAME)
|
|
24
22
|
|
|
25
23
|
snap = "#{host.name}_#{snapshot_name}"
|
|
26
24
|
|
|
@@ -67,7 +65,7 @@ module Simp::BeakerHelpers
|
|
|
67
65
|
Dir.chdir(vdir) do
|
|
68
66
|
output = %x(vagrant snapshot list #{host.name}).lines
|
|
69
67
|
output.map! do |x|
|
|
70
|
-
x.split(/^#{host.name}_/).last.strip
|
|
68
|
+
x.split(/^#{host.name}_/).last.split(':').first.delete('==>').strip
|
|
71
69
|
end
|
|
72
70
|
end
|
|
73
71
|
end
|
|
@@ -29,6 +29,17 @@ module Simp::BeakerHelpers
|
|
|
29
29
|
'python-jinja2'
|
|
30
30
|
]
|
|
31
31
|
|
|
32
|
+
EL8_PACKAGES = [
|
|
33
|
+
'python3',
|
|
34
|
+
'python3-pyyaml',
|
|
35
|
+
'cmake',
|
|
36
|
+
'git',
|
|
37
|
+
'openscap-python3',
|
|
38
|
+
'openscap-utils',
|
|
39
|
+
'python3-lxml',
|
|
40
|
+
'python3-jinja2'
|
|
41
|
+
]
|
|
42
|
+
|
|
32
43
|
OS_INFO = {
|
|
33
44
|
'RedHat' => {
|
|
34
45
|
'6' => {
|
|
@@ -46,6 +57,14 @@ module Simp::BeakerHelpers
|
|
|
46
57
|
'build_target' => 'rhel7',
|
|
47
58
|
'datastream' => 'ssg-rhel7-ds.xml'
|
|
48
59
|
}
|
|
60
|
+
},
|
|
61
|
+
'8' => {
|
|
62
|
+
'required_packages' => EL8_PACKAGES,
|
|
63
|
+
'ssg' => {
|
|
64
|
+
'profile_target' => 'rhel8',
|
|
65
|
+
'build_target' => 'rhel8',
|
|
66
|
+
'datastream' => 'ssg-rhel8-ds.xml'
|
|
67
|
+
}
|
|
49
68
|
}
|
|
50
69
|
},
|
|
51
70
|
'CentOS' => {
|
|
@@ -64,6 +83,14 @@ module Simp::BeakerHelpers
|
|
|
64
83
|
'build_target' => 'centos7',
|
|
65
84
|
'datastream' => 'ssg-centos7-ds.xml'
|
|
66
85
|
}
|
|
86
|
+
},
|
|
87
|
+
'8' => {
|
|
88
|
+
'required_packages' => EL8_PACKAGES,
|
|
89
|
+
'ssg' => {
|
|
90
|
+
'profile_target' => 'rhel8',
|
|
91
|
+
'build_target' => 'centos8',
|
|
92
|
+
'datastream' => 'ssg-centos8-ds.xml'
|
|
93
|
+
}
|
|
67
94
|
}
|
|
68
95
|
},
|
|
69
96
|
'OracleLinux' => {
|
|
@@ -73,8 +100,16 @@ module Simp::BeakerHelpers
|
|
|
73
100
|
'profile_target' => 'ol7',
|
|
74
101
|
'build_target' => 'ol7',
|
|
75
102
|
'datastream' => 'ssg-ol7-ds.xml'
|
|
103
|
+
},
|
|
104
|
+
'8' => {
|
|
105
|
+
'required_packages' => EL8_PACKAGES,
|
|
106
|
+
'ssg' => {
|
|
107
|
+
'profile_target' => 'ol8',
|
|
108
|
+
'build_target' => 'ol8',
|
|
109
|
+
'datastream' => 'ssg-ol8-ds.xml'
|
|
76
110
|
}
|
|
77
111
|
}
|
|
112
|
+
}
|
|
78
113
|
}
|
|
79
114
|
}
|
|
80
115
|
|
|
@@ -57,7 +57,7 @@ hosts.each do |host|
|
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
it 'can list the snapshots' do
|
|
60
|
-
expect(Simp::BeakerHelpers::Snapshot.list(host)).to eq ['test', 'test2']
|
|
60
|
+
expect(Simp::BeakerHelpers::Snapshot.list(host)).to eq ["#{host}", 'test', 'test2']
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
it 'can query for a specific snapshot' do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: simp-beaker-helpers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.18.
|
|
4
|
+
version: 1.18.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Tessmer
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-
|
|
12
|
+
date: 2020-07-08 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: beaker
|