simp-beaker-helpers 1.0.9 → 1.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/README.md +2 -4
- data/lib/simp/beaker_helpers.rb +18 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
YTBmNTc3N2ZjYWQ2MzliZDEwNjk1YzJhNGRkYjQ3NzQ5OTA5YjdmNw==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
MjhkNmEwYTAyNDU3OTc1OWI4ODVmZjJjZmU1YTI3NjNiNjMwYzI1Yg==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
Zjc2NzE3OTMxZjYwMjAzMjQ5NzQyODQ3MGVjMzkyYjE4MDI0NTIwODQ0YTQ4
|
10
|
+
Nzg3Yjc5ZTA4MzE1MDY0NWU1YTg1ODZlZmUxZWRiMDhmOGQwMmZkYzY5MjM0
|
11
|
+
N2NmYjU2YWMwY2M2ZjFiMWEwZjRhOGQ2ZDQyYTdjOTc2MDhlOWY=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
MTkwMWU3MzFiMDVjYTdiNmU4YWZjNWZlYTZlMmI3NDQ5Nzg4NmZkZWE4ZWM4
|
14
|
+
NmRkZDAwMjVmMTQ3MjA1ZGMzMjViNjFiZTFjYmEyMzZlOTIwYzk2NGQ2ZWZm
|
15
|
+
N2MyOThlNzIwMjc5MGRhMGViYjczMGJmMTMxYzg2ZjQ4NGNkZDU=
|
data/README.md
CHANGED
@@ -38,12 +38,10 @@ gem 'simp-beaker-helpers'
|
|
38
38
|
|
39
39
|
Add this to your project's `spec/spec_helper_acceptance.rb`:
|
40
40
|
```ruby
|
41
|
-
require 'simp
|
42
|
-
include
|
41
|
+
require 'simp/beaker_helpers'
|
42
|
+
include Simp::BeakerHelpers
|
43
43
|
```
|
44
44
|
|
45
|
-
|
46
|
-
|
47
45
|
## Methods
|
48
46
|
|
49
47
|
#### `copy_fixture_modules_to`
|
data/lib/simp/beaker_helpers.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
module Simp; end
|
2
2
|
|
3
3
|
module Simp::BeakerHelpers
|
4
|
-
VERSION = '1.0.
|
4
|
+
VERSION = '1.0.10'
|
5
5
|
|
6
6
|
# Locates .fixture.yml in or above this directory.
|
7
7
|
def fixtures_yml_path
|
@@ -91,6 +91,18 @@ module Simp::BeakerHelpers
|
|
91
91
|
puts ' -- (use BEAKER_fips=no to disable)'
|
92
92
|
suts.each do |sut|
|
93
93
|
puts " -- enabling FIPS on '#{sut}'"
|
94
|
+
|
95
|
+
# We need to use FIPS compliant algorithms and keylengths as per the FIPS
|
96
|
+
# certification.
|
97
|
+
on(sut, 'puppet config set digest_algorithm sha256')
|
98
|
+
on(sut, 'puppet config set keylength 2048')
|
99
|
+
|
100
|
+
# We need to be able to get back into our system!
|
101
|
+
# Make these safe for all systems, even old ones.
|
102
|
+
fips_ssh_ciphers = [ 'aes256-cbc','aes192-cbc','aes128-cbc']
|
103
|
+
on(sut, %(sed -i '/Ciphers /d' /etc/ssh/sshd_config))
|
104
|
+
on(sut, %(echo 'Ciphers #{fips_ssh_ciphers.join(',')}' >> /etc/ssh/sshd_config))
|
105
|
+
|
94
106
|
if fact_on(sut, 'osfamily') == 'RedHat'
|
95
107
|
pp = <<-EOS
|
96
108
|
# This is necessary to prevent a kernel panic after rebooting into FIPS
|
@@ -156,6 +168,11 @@ DEFAULT_KERNEL_TITLE=`/sbin/grubby --info=\\\${DEFAULT_KERNEL_INFO} | grep -m1 t
|
|
156
168
|
unless ENV['BEAKER_fips'] == 'no'
|
157
169
|
enable_fips_mode_on(suts)
|
158
170
|
end
|
171
|
+
|
172
|
+
suts.each do |sut|
|
173
|
+
# Clean up YUM prior to starting our test runs.
|
174
|
+
on( sut, 'yum clean all' )
|
175
|
+
end
|
159
176
|
end
|
160
177
|
|
161
178
|
|