From 69dcc04bdf202aee0da7d88b4503192116735ac8 Mon Sep 17 00:00:00 2001 From: nate Date: Wed, 15 Jul 2020 13:24:20 -0400 Subject: [PATCH] add support for newer distro versions (#48) * get rid of my local path in there basura! * support newer versions of distros - updated readme - added optional param to enable/disable yum repo * updated changelog * updated spec tests includes stuff for newer distro versions * set enabled to undef for debian not using it there * ensure pkg spec test has enabled defined * add new param to config spec * param was in the wrong place * did i miss this, too? * an errant osfamily error * 8 vs. 7 * update module metadata Co-authored-by: nate st. germain --- CHANGELOG.md | 9 ++++++ README.md | 1 + data/os/CentOS.yaml | 1 + manifests/init.pp | 5 ++++ manifests/params.pp | 2 ++ manifests/yum.pp | 2 +- metadata.json | 17 +++++++---- spec/classes/apt_spec.rb | 16 ++++++++++ spec/classes/configure_spec.rb | 55 +++++++++++++++++++++++++++------- spec/classes/init_spec.rb | 45 +++++++++++++++++++++++----- spec/classes/package_spec.rb | 48 +++++++++++++++++++++++++---- spec/classes/yum_spec.rb | 34 +++++++++++++++++++-- 12 files changed, 203 insertions(+), 32 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9ed07f78..39557287 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ We'll track changes here starting with details about the 2.0 release and reference to earlier releases. +## 2.0.10 +### Added +- updated README with support for + - Debian 10 + - Ubuntu 20.04 + - CentOS/RedHat 8 +- updated tests for newer distros +- added optional parameter to enable/disable yum repo on rhel + ## 2.0.9 ### Fixed - merged PR simplifying ruleset args diff --git a/README.md b/README.md index 207283a8..21515340 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,7 @@ Parameters * `threatstack::package_version` [optional string] - version of the `threatstack-agent` package to install (Default: `installed`) * `threatstack::repo_class` [optional string] - name of puppet class that configures the threatstack package repo (Default: either `threatstack::apt` or `threatstack::yum`, set in `threatstack::params` based on operating system) * `threatstack::repo_url` [optional string] - url used by threatstack package repo (Default: defined in `threatstack::params` for Debian and RedHat operating system families.) +* `threatstack::repo_enabled` [optional string] - enable/disable the threatstack repo (Default: defined in `threatstack::params` for RedHat operating system families.) * `threatstack::windows_download_url` [optional string] - url used to download Threatstack Agent MSI on Windows * `threatstack::windows_install_options` [optional array] - Windows MSI install options * `threatstack::windows_ts_package` [optional string] - Windows MSI package name diff --git a/data/os/CentOS.yaml b/data/os/CentOS.yaml index 239e4e29..bb7ceeed 100644 --- a/data/os/CentOS.yaml +++ b/data/os/CentOS.yaml @@ -1,4 +1,5 @@ --- threatstack::params: repo_class: '::threatstack::yum' + repo_enabled: '1' gpg_key: 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' diff --git a/manifests/init.pp b/manifests/init.pp index 85b8c33c..a7561835 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -49,6 +49,10 @@ # Manage agent package version. # type: string # +# [*repo_enabled*] +# Enable/disable yum repo +# type: string +# # [*repo_url*] # URL of installation repo. Useful to change if managing own repository. See # also `gpg_key`. @@ -119,6 +123,7 @@ $extra_args = $::threatstack::params::extra_args, $agent_config_args = undef, $repo_class = $::threatstack::params::repo_class, + $repo_enabled = $::threatstack::params::repo_enabled, $repo_url = $::threatstack::params::repo_url, $gpg_key = $::threatstack::params::gpg_key, $rulesets = $::threatstack::params::rulesets, diff --git a/manifests/params.pp b/manifests/params.pp index c8996885..530b8e69 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -49,6 +49,7 @@ } 'RedHat': { $repo_class = '::threatstack::yum' + $repo_enabled = '1' $gpg_key = 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' $gpg_key_file = '/etc/pki/rpm-gpg/RPM-GPG-KEY-THREATSTACK' $gpg_key_file_uri = "file://${gpg_key_file}" @@ -85,6 +86,7 @@ 'Debian': { $repo_class = '::threatstack::apt' $repo_url = 'https://pkg.threatstack.com/v2/Ubuntu' + $repo_enabled = undef $repo_gpg_id = 'ACCC2B02EA3A2409557B0AB991BB3B3C6EE04BD4' $release = $facts['os']['distro']['codename'] $repos = 'main' diff --git a/manifests/yum.pp b/manifests/yum.pp index 99a5f5b1..9b338153 100644 --- a/manifests/yum.pp +++ b/manifests/yum.pp @@ -39,7 +39,7 @@ yumrepo { 'threatstack': descr => 'Threat Stack Package Repository', - enabled => 1, + enabled => $::threatstack::repo_enabled, baseurl => $::threatstack::repo_url, gpgcheck => 1, gpgkey => $::threatstack::gpg_key_file_uri, diff --git a/metadata.json b/metadata.json index 798fff36..568b908f 100644 --- a/metadata.json +++ b/metadata.json @@ -1,12 +1,19 @@ { "name": "threatstack-threatstack", - "version": "2.0.9", + "version": "2.0.10", "author": "Threat Stack", "license": "Apache-2.0", "summary": "Installs the Threat Stack agent", "source": "https://github.com/threatstack/threatstack-puppet", "issues_url": "https://github.com/threatstack/threatstack-puppet/issues", "tags": ["threatstack"], + "data_provider": "hiera", + "requirements": [ + { + "name": "puppet", + "version_requirement": ">= 4.5.0 < 7.0.0" + } + ], "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.2.2" }, {"name": "puppetlabs/apt", "version_requirement": ">= 6.2.1"}, @@ -17,22 +24,22 @@ "operatingsystem_support": [ { "operatingsystem":"RedHat", - "operatingsystemrelease":[ "7.0", "7.5" ] + "operatingsystemrelease":[ "7.0", "7.5", "8.0" ] }, { "operatingsystem":"CentOS", - "operatingsystemrelease":[ "7.0", "7.5" ] + "operatingsystemrelease":[ "7.0", "7.5", "8.0" ] }, { "operatingsystem":"Amazon" }, { "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ "18.04", "16.04" ] + "operatingsystemrelease": [ "20.04", "18.04", "16.04" ] }, { "operatingsystem": "Debian", - "operatingsystemrelease": [ "9", "8" ] + "operatingsystemrelease": [ "10", "9", "8" ] }, { "operatingsystem": "Windows", diff --git a/spec/classes/apt_spec.rb b/spec/classes/apt_spec.rb index 43e8fd82..833f1efb 100644 --- a/spec/classes/apt_spec.rb +++ b/spec/classes/apt_spec.rb @@ -22,6 +22,22 @@ } end + context 'on Debian 10' do + let(:facts) { {'operatingsystem' => 'Debian', 'osfamily' => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '10.4', 'major' => '10', 'minor' => '4'}, 'distro' => {'codename' => 'buster'}, 'family' => 'Debian'} } } + let(:params) { { 'location' => REPO_URL, 'release' => 'buster', 'repos' => REPO_TYPE, 'key' => GPG_KEY_ID} } + it { + is_expected.to contain_apt__source('threatstack').with(ensure: 'present', location: REPO_URL, release: 'buster', repos: REPO_TYPE) + } + end + + context 'on Ubuntu 20.04' do + let(:facts) { {'osfamily' => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '20.04', 'major' => '20.04'}, 'distro' => {'codename' => 'focal'}, 'family' => 'Debian'} }} + let(:params) { { 'location' => REPO_URL, 'release' => 'focal', 'repos' => REPO_TYPE, 'key' => GPG_KEY_ID} } + it { + is_expected.to contain_apt__source('threatstack').with(ensure: 'present', location: REPO_URL, release: 'focal', repos: REPO_TYPE) + } + end + context 'on Ubuntu 18.04' do let(:facts) { {'osfamily' => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '18.04', 'major' => '18.04'}, 'distro' => {'codename' => 'bionic'}, 'family' => 'Debian'} }} let(:params) { { 'location' => REPO_URL, 'release' => 'bionic', 'repos' => REPO_TYPE, 'key' => GPG_KEY_ID} } diff --git a/spec/classes/configure_spec.rb b/spec/classes/configure_spec.rb index d87c1426..b0e1b8a4 100644 --- a/spec/classes/configure_spec.rb +++ b/spec/classes/configure_spec.rb @@ -7,7 +7,7 @@ context 'on Debian 8' do let(:facts) { {:operatingsystem => 'Debian', :osfamily => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '8.11', 'major' => '8', 'minor' => '11'}, 'distro' => {'codename' => 'jessie'}, 'family' => 'Debian'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -16,7 +16,25 @@ context 'on Debian 9' do let(:facts) { {:operatingsystem => 'Debian', :osfamily => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '9.1', 'major' => '9', 'minor' => '1'}, 'distro' => {'codename' => 'stretch'}, 'family' => 'Debian'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } + + it { should contain_exec('threatstack-agent-setup').with( + :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" + )} + end + + context 'on Debian 10' do + let(:facts) { {:operatingsystem => 'Debian', :osfamily => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '10.4', 'major' => '10', 'minor' => '4'}, 'distro' => {'codename' => 'buster'}, 'family' => 'Debian'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } + + it { should contain_exec('threatstack-agent-setup').with( + :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" + )} + end + + context 'on Ubuntu 20.04' do + let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '20.04', 'major' => '20'}, 'distro' => {'codename' => 'focal'}, 'family' => 'Debian'} }} + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -25,7 +43,7 @@ context 'on Ubuntu 18.04' do let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '18.04', 'major' => '18.04'}, 'distro' => {'codename' => 'bionic'}, 'family' => 'Debian'} }} - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -34,16 +52,34 @@ context 'on Ubuntu 16.04' do let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '16.04', 'major' => '16.04'}, 'distro' => {'codename' => 'xenial'}, 'family' => 'Debian'} }} - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => true}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" )} end - context 'on Redhat' do + context 'on Redhat 8' do + let(:facts) { { :operatingsystem => 'RedHat', :osfamily => 'RedHat', :operatingsystemrelease => '8.0', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'major' => '8'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } + + it { should contain_exec('threatstack-agent-setup').with( + :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" + )} + end + + context 'on Redhat 7' do let(:facts) { { :operatingsystem => 'RedHat', :osfamily => 'RedHat', :operatingsystemrelease => '7.0', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } + + it { should contain_exec('threatstack-agent-setup').with( + :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" + )} + end + + context 'on CentOS 8' do + let(:facts) { { :operatingsystem => 'CentOS', :osfamily => 'RedHat',:operatingsystemrelease => '8.2.2004', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'major' => '8'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -52,7 +88,7 @@ context 'on CentOS 7' do let(:facts) { { :operatingsystem => 'CentOS', :osfamily => 'RedHat',:operatingsystemrelease => '7.6.1810', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -61,7 +97,7 @@ context 'on Amazon Linux 2' do let(:facts) { { :operatingsystem => 'Amazon', :osfamily => 'RedHat', :operatingsystemrelease => '2', 'operatingsystemmajrelease' => '2', 'os' => { 'release' => { 'major' => '2'}, 'name' => 'Amazon', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" @@ -70,11 +106,10 @@ context 'on Amazon Linux 1' do let(:facts) { {:operatingsystem => 'Amazon', :osfamily => 'RedHat', :operatingsystemrelease => '2018', 'operatingsystemmajrelease' => '2018', 'os' => { 'release' => { 'major' => '2018'}, 'name' => 'Amazon', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}], repo_enabled => '1'}" } it { should contain_exec('threatstack-agent-setup').with( :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset,Service Ruleset'" )} end - end diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 7b544f4b..b4eaae20 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -22,6 +22,24 @@ it { should contain_class('threatstack::configure') } end + context 'on Debian 10' do + let(:facts) { {:operatingsystem => 'Debian', :osfamily => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '10.4', 'major' => '10', 'minor' => '4'}, 'distro' => {'codename' => 'buster'}, 'family' => 'Debian'} } } + let(:params) { { :deploy_key => "#{deploy_key}" } } + + it 'should compile' do should create_class('threatstack') end + it { should contain_class('threatstack::package') } + it { should contain_class('threatstack::configure') } + end + + context 'on Ubuntu 20.04' do + let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '20.04', 'major' => '20.04'}, 'distro' => {'codename' => 'focal'}, 'family' => 'Debian'} }} + let(:params) { { :deploy_key => "#{deploy_key}" } } + + it 'should compile' do should create_class('threatstack') end + it { should contain_class('threatstack::package') } + it { should contain_class('threatstack::configure') } + end + context 'on Ubuntu 18.04' do let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '18.04', 'major' => '18.04'}, 'distro' => {'codename' => 'bionic'}, 'family' => 'Debian'} }} let(:params) { { :deploy_key => "#{deploy_key}" } } @@ -40,24 +58,40 @@ it { should contain_class('threatstack::configure') } end - context 'on RedHat' do + context 'on RedHat 8' do + let(:facts) { { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '8.2.2004', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'full' => '8.2.2004', 'major' => '8', 'minor' => '2'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } + let(:params) { { :deploy_key => "#{deploy_key}" } } + + it 'should compile' do should create_class('threatstack') end + it { should contain_class('threatstack::package') } + it { should contain_class('threatstack::configure') } + end + + context 'on RedHat 7' do let(:facts) { { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '7.5', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'full' => '7.5', 'major' => '7', 'minor' => '5'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } let(:params) { { :deploy_key => "#{deploy_key}" } } it 'should compile' do should create_class('threatstack') end it { should contain_class('threatstack::package') } it { should contain_class('threatstack::configure') } + end + + context 'on CentOS 8' do + let(:facts) { { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '8.2.2004', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'full' => '8.2.2004', 'major' => '8', 'minor' => '2'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } + let(:params) { { :deploy_key => "#{deploy_key}" } } + it 'should compile' do should create_class('threatstack') end + it { should contain_class('threatstack::package') } + it { should contain_class('threatstack::configure') } end - context 'on CentOS' do + context 'on CentOS 7' do let(:facts) { {:osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '7.4.1708', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'full' => '7.4.1708', 'major' => '7', 'minor' => '4'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } let(:params) { { :deploy_key => "#{deploy_key}" } } it 'should compile' do should create_class('threatstack') end it { should contain_class('threatstack::package') } it { should contain_class('threatstack::configure') } - end context 'on Amazon Linux 2' do @@ -67,10 +101,8 @@ it 'should compile' do should create_class('threatstack') end it { should contain_class('threatstack::package') } it { should contain_class('threatstack::configure') } - end - context 'on Amazon Linux 1' do let(:facts) { { :operatingsystem => 'Amazon', :osfamily => 'RedHat', :operatingsystemrelease => '2018', 'operatingsystemmajrelease' => '2018', 'os' => { 'name' => 'Amazon', 'family' => 'RedHat', 'release' => { 'major' => '2018'}} } } let(:params) { { :deploy_key => "#{deploy_key}" } } @@ -78,8 +110,5 @@ it 'should compile' do should create_class('threatstack') end it { should contain_class('threatstack::package') } it { should contain_class('threatstack::configure') } - end - - end diff --git a/spec/classes/package_spec.rb b/spec/classes/package_spec.rb index cca23c86..3c3bf6ff 100644 --- a/spec/classes/package_spec.rb +++ b/spec/classes/package_spec.rb @@ -3,9 +3,27 @@ describe 'threatstack::package' do deploy_key = ENV['TS_DEPLOY_KEY'] ? ENV['TS_DEPLOY_KEY'] : "xKkRzesqg" - context 'on RedHat' do + context 'on RedHat 8' do + let(:facts) { { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '8.2', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'full' => '8.2', 'major' => '8', 'minor' => '2'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } + + context 'package' do + it { should contain_package('threatstack-agent').with_ensure('installed') } + end + end + + context 'on RedHat 7' do let(:facts) { { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '7.5', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'full' => '7.5', 'major' => '7', 'minor' => '5'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } + + context 'package' do + it { should contain_package('threatstack-agent').with_ensure('installed') } + end + end + + context 'on CentOS 8' do + let(:facts) { {:operatingsystem => 'CentOS', :osfamily => 'RedHat', :operatingsystemrelease => '8.2.2004', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'major' => '8'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } context 'package' do it { should contain_package('threatstack-agent').with_ensure('installed') } @@ -13,8 +31,8 @@ end context 'on CentOS 7' do - let(:facts) { {:operatingsystem => 'CentOs', :osfamily => 'RedHat', :operatingsystemrelease => '7.6.1810', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" } + let(:facts) { {:operatingsystem => 'CentOS', :osfamily => 'RedHat', :operatingsystemrelease => '7.6.1810', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } context 'package' do it { should contain_package('threatstack-agent').with_ensure('installed') } @@ -23,7 +41,7 @@ context 'on Amazon Linux 2' do let(:facts) { { :operatingsystem => 'Amazon', :osfamily => 'RedHat', :operatingsystemrelease => '2.0', 'operatingsystemmajrelease' => '2', 'os' => { 'release' => { 'major' => '2'}, 'name' => 'Amazon', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } context 'package' do it { should contain_package('threatstack-agent').with_ensure('installed') } @@ -32,7 +50,7 @@ context 'on Amazon Linux 1' do let(:facts) { {:operatingsystem => 'Amazon', :osfamily => 'RedHat', :operatingsystemrelease => '2018', 'operatingsystemmajrelease' => '1', 'os' => { 'release' => { 'major' => '1'}, 'name' => 'Amazon', 'family' => 'RedHat'} } } - let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum', repo_enabled => '1' }" } context 'package' do it { should contain_package('threatstack-agent').with_ensure('installed') } @@ -57,6 +75,24 @@ end end + context 'on Debian 10' do + let(:facts) { {:operatingsystem => 'Debian', :osfamily => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '10.4', 'major' => '10', 'minor' => '4'}, 'distro' => {'codename' => 'buster'}, 'family' => 'Debian'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK', repo_class => '::threatstack::apt' }" } + + context 'package' do + it { should contain_package('threatstack-agent').with_ensure('installed') } + end + end + + context 'on Ubuntu 20.04' do + let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '20.04', 'major' => '20.04'}, 'distro' => {'codename' => 'focal'}, 'family' => 'Debian'} }} + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK', repo_class => '::threatstack::apt' }" } + + context 'package' do + it { should contain_package('threatstack-agent').with_ensure('installed') } + end + end + context 'on Ubuntu 18.04' do let(:facts) { {:osfamily => 'Debian', 'os' => { 'name' => 'Ubuntu', 'release' => {'full' => '18.04', 'major' => '18.04'}, 'distro' => {'codename' => 'bionic'}, 'family' => 'Debian'} }} let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK', repo_class => '::threatstack::apt' }" } diff --git a/spec/classes/yum_spec.rb b/spec/classes/yum_spec.rb index 4c4d732b..78cd605a 100644 --- a/spec/classes/yum_spec.rb +++ b/spec/classes/yum_spec.rb @@ -5,7 +5,22 @@ deploy_key = ENV['TS_DEPLOY_KEY'] ? ENV['TS_DEPLOY_KEY'] : "xKkRzesqg" gpgkey = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-THREATSTACK' - context 'on RedHat' do + context 'on RedHat 8' do + let(:facts) { { :operatingsystem => 'RedHat', 'operatingsystemrelease' => '8.2.2004', :osfamily => 'RedHat', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'major' => '8'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_enabled => '1'}" } + + context 'default' do + it { should contain_yumrepo('threatstack').with( + :descr => 'Threat Stack Package Repository', + :enabled => 1, + :baseurl => 'https://pkg.threatstack.com/v2/EL/8', + :gpgcheck => 1, + :gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-THREATSTACK' + ) } + end + end + + context 'on RedHat 7' do let(:facts) { { :operatingsystem => 'RedHat', 'operatingsystemrelease' => '7.6.1810', :osfamily => 'RedHat', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'RedHat', 'family' => 'RedHat'} } } let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' }" } @@ -20,7 +35,22 @@ end end - context 'on CentOS' do + context 'on CentOS 8' do + let(:facts) { {:operatingsystem => 'CentOS', 'operatingsystemrelease' => '8.2.2004', :osfamily => 'RedHat', 'operatingsystemmajrelease' => '8', 'os' => { 'release' => { 'major' => '8'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } + let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_enabled => '1' }" } + + context 'default' do + it { should contain_yumrepo('threatstack').with( + :descr => 'Threat Stack Package Repository', + :enabled => 1, + :baseurl => 'https://pkg.threatstack.com/v2/EL/8', + :gpgcheck => 1, + :gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-THREATSTACK' + ) } + end + end + + context 'on CentOS 7' do let(:facts) { {:operatingsystem => 'CentOS', 'operatingsystemrelease' => '7.6.1810', :osfamily => 'RedHat', 'operatingsystemmajrelease' => '7', 'os' => { 'release' => { 'major' => '7'}, 'name' => 'CentOS', 'family' => 'RedHat'} } } let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' }" }