v2.2.0 (#7)

* WIP

* Do it CircleCI!

* WIP [skip ci]

* Moved circleci config to root. Not currently doing any other script includes etc. [skip ci]

* awslogsd their python setup sucks! [skip ci]

* awslogsd their python setup sucks! [skip ci]

* 2.2.0 - Read Changelog

* 2.2.0 - Read Changelog

* 2.2.0 - Read Changelog

Author: LevonBecker

.kitchen.yml

@@ -4,7 +4,7 @@ verifier:
   name: inspec
   format: <%= ENV['CI'] ? 'junit' : 'cli' %>
   <% if ENV['CI'] %>
-  output: "test-reports/%{platform}_%{suite}_inspec.xml"
+  output: "reports/%{platform}_%{suite}_inspec.xml"
   <% end %>
 
 platforms:
@@ -156,8 +156,10 @@ suites:
           git: https://github.com/bonusbits/inspec_bootstrap.git
         - name: bonusbits_base
           git: https://github.com/bonusbits/inspec_bonusbits_base.git
+#        - path: ../inspec_bonusbits_base
       attributes:
         chef_version: '12.19.36'
+        configure_backups: 'true'
     includes: ["amazon-ec2"]
 
   - name: ec2_base_epel_repo
@@ -241,7 +243,6 @@ suites:
       inspec_tests:
         - name: bootstrap
           git: https://github.com/bonusbits/inspec_bootstrap.git
-#        - path: test/inspec_bonusbits_base
         - name: bonusbits_base
           git: https://github.com/bonusbits/inspec_bonusbits_base.git
       attributes:
@@ -261,6 +262,7 @@ suites:
           git: https://github.com/bonusbits/inspec_bootstrap.git
         - name: bonusbits_base
           git: https://github.com/bonusbits/inspec_bonusbits_base.git
+#        - path: ../inspec_bonusbits_base
       attributes:
         chef_version: '12.19.36'
     attributes:

CHANGELOG.md

@@ -1,5 +1,14 @@
 ## CHANGE LOG
 
+## 2.2.0 - 06/14/2017 - Levon Becker
+* Updated Cloudwatch Logs logic for CentOS and RHEL support.
+* Switched to using bonusbits_library shell library to DRY up some code
+* Added Cookbook version badge to README
+* Added backup to s3 logic
+* Added Cloudwatch monitoring agent setup
+* Added default aws region for testing some logic outside AWS
+* Fixed awslogs additional logs logic for if nil
+
 ## 2.1.9 - 04/15/2017 - Levon Becker
 * Removed unnecessary attributes in kitchen config now that auto deployment discovery wrote.
 * Fixed CircleCI detection

Gemfile

@@ -1,7 +1,7 @@
 source 'https://rubygems.org'
 
 gem 'berkshelf', '~> 5.6'
-gem 'rake', '~> 12.0.0'
+gem 'rake', '~> 12.0'
 
 group :style do
   gem 'chef', '12.19.36'

README.md

@@ -1,5 +1,6 @@
 # Bonus Bits Base Cookbook
 [![Circle CI](https://circleci.com/gh/bonusbits/bonusbits_base/tree/master.svg?style=shield)](https://circleci.com/gh/bonusbits/bonusbits_base/tree/master)
+[![Chef cookbook](https://img.shields.io/badge/cookbook-v2.2.0-blue.svg)](https://github.com/bonusbits/bonusbits_base)
 [![Join the chat at https://gitter.im/bonusbits/bonusbits_base](https://badges.gitter.im/bonusbits/bonusbits_base.svg)](https://gitter.im/bonusbits/bonusbits_base?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 
 # Purpose

Rakefile

@@ -28,7 +28,7 @@ namespace :unit do
   RSpec::Core::RakeTask.new(:circleci_rspec) do |test|
     # t.fail_on_error = false
     test.rspec_opts =
-      '--no-drb -r rspec_junit_formatter --format RspecJunitFormatter -o $CIRCLE_TEST_REPORTS/rspec/junit.xml'
+      '--no-drb -r rspec_junit_formatter --format RspecJunitFormatter -o reports/rspec.xml'
   end
 end
 

attributes/aws.rb

@@ -1,15 +1,17 @@
 default['bonusbits_base']['aws']['install_tools'] = false
+
 default['bonusbits_base']['aws']['inside'] =
   if node['bonusbits_base']['deployment_location'] == 'aws'
     true
   else
     false
   end
+
 default['bonusbits_base']['aws']['region'] =
   if node['bonusbits_base']['aws']['inside']
     node['ec2']['placement_availability_zone'].slice(0..-2)
   else
-    'unknown'
+    'us-west-2'
   end
 
 # Debug

attributes/backups.rb

@@ -0,0 +1,66 @@
+default['bonusbits_base']['backups'].tap do |backups|
+  backups['configure'] = false
+
+  # Paths
+  backups['local_tmp_path'] = '/tmp/backups'
+  # Array of Paths to backup
+  backups['backup_paths'] = %w(/etc /opt)
+  backups['script_filename'] = 'backup_to_s3.rb'
+  backups['script_fullname'] = "/usr/bin/#{node['bonusbits_base']['backups']['script_filename']}"
+  script_fullname = node['bonusbits_base']['backups']['script_fullname']
+  backups['cron_command'] =
+    if ::File.exist?('/opt/chef/embedded/bin/ruby')
+      "/opt/chef/embedded/bin/ruby #{script_fullname}"
+    elsif ::File.exist?('/opt/chefdk/embedded/bin/ruby')
+      "/opt/chefdk/embedded/bin/ruby #{script_fullname}"
+    elsif ::File.exist?('/usr/bin/ruby')
+      "/usr/bin/ruby #{script_fullname}"
+    else
+      raise 'ERROR: Ruby Path Not Found!'
+    end
+
+  # Filename
+  backups['filename'] =
+    if node['bonusbits_base']['aws']['inside']
+      "#{node['ec2']['instance_id']}-backup.tar.gz"
+    else
+      'backups.tar.gz'
+    end
+
+  # S3
+  ## Recommended to turn on Versioning and add Lifecycle to bucket
+  backups['s3_bucket_name'] = 'backup_bucket' # !! Required Override !!
+  filename = node['bonusbits_base']['backups']['filename']
+  env = run_state['detected_environment']
+  s3_backup_bucket = node['bonusbits_base']['backups']['s3_bucket_name']
+  backups['s3_full_path'] = "#{s3_backup_bucket}/backups/#{env}/#{filename}"
+
+  # Cron
+  ## Default is Daily at 11PM Server Time
+  backups['minutes'] = '0'
+  backups['hours'] = '23'
+  backups['days'] = '*'
+  backups['month'] = '*'
+  backups['weekday'] = '*'
+
+  # Backup Logs
+  backups['configure_log_rotate'] = true
+  backups['log_path'] = '/var/log/backups.log'
+end
+
+# Debug
+message_list = [
+  '',
+  '** Backups **',
+  "Configure                   (#{node['bonusbits_base']['backups']['configure']})",
+  "Backup Filename             (#{node['bonusbits_base']['backups']['filename']})",
+  "Script Filename             (#{node['bonusbits_base']['backups']['script_filename']})",
+  "Script Fullname             (#{node['bonusbits_base']['backups']['script_fullname']})",
+  "Local Temp Path             (#{node['bonusbits_base']['backups']['local_tmp_path']})",
+  "S3 Full Path                (#{node['bonusbits_base']['backups']['s3_full_path']})",
+  "Config Log Rotate           (#{node['bonusbits_base']['backups']['configure_log_rotate']})",
+  "Log Path                    (#{node['bonusbits_base']['backups']['log_path']})"
+]
+message_list.each do |message|
+  Chef::Log.warn(message)
+end

attributes/cloudwatch.rb

@@ -0,0 +1,30 @@
+default['bonusbits_base']['cloudwatch'].tap do |cloudwatch|
+  cloudwatch['configure'] = true
+
+  # Monitoring Scripts (AWS Examples Default)
+  cloudwatch['zip_filename'] = 'CloudWatchMonitoringScripts-1.2.1.zip'
+  zip_filename = node['bonusbits_base']['cloudwatch']['zip_filename']
+  cloudwatch['scripts_url'] =
+    "http://aws-cloudwatch.s3.amazonaws.com/downloads/#{zip_filename}"
+  cloudwatch['zip_fullname'] = "#{node['bonusbits_base']['local_file_cache']}/#{zip_filename}"
+
+  # Cron
+  cloudwatch['cron_command'] = '/opt/aws-scripts-mon/mon-put-instance-data.pl'
+  cloudwatch['cron_command'] += ' --mem-util --mem-used'
+  cloudwatch['cron_command'] += ' --mem-avail --disk-space-util'
+  cloudwatch['cron_command'] += ' --disk-path=/ --from-cron'
+end
+
+# Debug
+message_list = [
+  '',
+  '** CloudWatch Monitoring **',
+  "Configure                   (#{node['bonusbits_base']['cloudwatch']['configure']})",
+  "Zip Filename                (#{node['bonusbits_base']['cloudwatch']['zip_filename']})",
+  "Zip Fullname                (#{node['bonusbits_base']['cloudwatch']['zip_fullname']})",
+  "Scripts URL                 (#{node['bonusbits_base']['cloudwatch']['scripts_url']})",
+  "Cron Command                (#{node['bonusbits_base']['cloudwatch']['cron_command']})"
+]
+message_list.each do |message|
+  Chef::Log.warn(message)
+end

attributes/cloudwatch_logs.rb

@@ -1,6 +1,6 @@
 default['bonusbits_base']['cloudwatch_logs']['configure'] = true
 default['bonusbits_base']['cloudwatch_logs']['logs_group_name'] = 'kitchen-bonusbits-base'
-# default['bonusbits_base']['cloudwatch_logs']['additional_logs'] = nil
+default['bonusbits_base']['cloudwatch_logs']['additional_logs'] = nil
 # additional_logs = node['bonusbits_base']['cloudwatch_logs']['additional_logs'].nil? ? false : true
 
 # Debug

attributes/default.rb

@@ -7,59 +7,72 @@
     'dev'
   end
 
-# Determine Deployment Type
-default['bonusbits_base']['deployment_type'] =
-  if node['virtualization']['system'] == 'docker'
-    # if node['virtualization']['systems']['docker'] == 'guest'
-    'docker'
-  elsif node['virtualization']['system'] == 'lxc'
-    'lxc'
-  elsif node['virtualization']['system'] == 'lxd'
-    'lxd'
-  elsif node['virtualization']['system'] == 'kvm'
-    'kvm'
-  elsif node['virtualization']['system'] == 'vbox'
-    'vbox'
-  elsif BonusBits::Discovery.ec2?(node['fqdn'], node['platform_family'])
-    'ec2'
-  else
-    'other'
-  end
+default['bonusbits_base'].tap do |root|
+  # Determine Deployment Type
+  root['deployment_type'] =
+    if node['virtualization']['system'] == 'docker'
+      # if node['virtualization']['systems']['docker'] == 'guest'
+      'docker'
+    elsif node['virtualization']['system'] == 'lxc'
+      'lxc'
+    elsif node['virtualization']['system'] == 'lxd'
+      'lxd'
+    elsif node['virtualization']['system'] == 'kvm'
+      'kvm'
+    elsif node['virtualization']['system'] == 'vbox'
+      'vbox'
+    elsif BonusBits::Discovery.ec2?(node['fqdn'], node['platform_family'])
+      'ec2'
+    else
+      'other'
+    end
 
-# Determine Deployment Location
-## Circleci Logic Does not work if spawning Docker
-## containers in CircleCi because nested VM. Override in Kitchen Config
-default['bonusbits_base']['deployment_location'] =
-  if ENV['CIRCLECI']
-    'circleci'
-  elsif BonusBits::Discovery.aws?(node['fqdn'], node['platform_family'])
-    'aws'
-  else
-    'local'
-  end
+  # Determine Deployment Location
+  ## Circleci Logic Does not work if spawning Docker
+  ## containers in CircleCi because nested VM. Override in Kitchen Config
+  root['deployment_location'] =
+    if ENV['CIRCLECI']
+      'circleci'
+    elsif BonusBits::Discovery.aws?(node['fqdn'], node['platform_family'])
+      'aws'
+    else
+      'local'
+    end
 
-# Determine Deployment Method
-## Mostly for Conditioning Audit Cookbook (Kitchen Handles the Audit when Used)
-## TODO: Added vbox discovery?
-deployment_location = node['bonusbits_base']['deployment_location']
-deployment_type = node['bonusbits_base']['deployment_type']
-deployment_location_local = deployment_location == 'local'
-deployment_type_docker = deployment_type == 'docker'
+  # Determine Deployment Method
+  ## Mostly for Conditioning Audit Cookbook (Kitchen Handles the Audit when Used)
+  ## TODO: Added vbox discovery?
+  deployment_location = node['bonusbits_base']['deployment_location']
+  deployment_type = node['bonusbits_base']['deployment_type']
+  deployment_location_local = deployment_location == 'local'
+  deployment_type_docker = deployment_type == 'docker'
 
-default['bonusbits_base']['deployment_method'] =
-  if ::File.directory?('/tmp/kitchen')
-    'kitchen'
-  elsif ::File.exist?('/var/lib/cloud/instance/scripts/part-001')
-    'cloudformation'
-  elsif deployment_type_docker && deployment_location_local
-    'dockerfile'
-  elsif deployment_type_docker
-    'dockerimage'
-  else
-    'unknown'
-  end
+  root['deployment_method'] =
+    if ::File.directory?('/tmp/kitchen')
+      'kitchen'
+    elsif ::File.exist?('/var/lib/cloud/instance/scripts/part-001')
+      'cloudformation'
+    elsif deployment_type_docker && deployment_location_local
+      'dockerfile'
+    elsif deployment_type_docker
+      'dockerimage'
+    else
+      'unknown'
+    end
 
-default['bonusbits_base']['local_file_cache'] = Chef::Config[:file_cache_path]
+  # File Cache
+  root['local_file_cache'] = Chef::Config[:file_cache_path]
+
+  # Chef Install Path
+  root['chef_path'] =
+    if ::File.directory?('/opt/chef')
+      '/opt/chef'
+    elsif ::File.directory?('/opt/chefdk')
+      '/opt/chefdk'
+    else
+      raise 'ERROR: Chef Install Path Not Found!'
+    end
+end
 
 # Debug
 message_list = [
@@ -68,7 +81,9 @@
   "Detected Environment        (#{run_state['detected_environment']})",
   "Deployment Type             (#{node['bonusbits_base']['deployment_type']})",
   "Deployment Location         (#{node['bonusbits_base']['deployment_location']})",
-  "Deployment Method           (#{node['bonusbits_base']['deployment_method']})"
+  "Deployment Method           (#{node['bonusbits_base']['deployment_method']})",
+  "Local File Cache            (#{node['bonusbits_base']['local_file_cache']})",
+  "Chef Install Path           (#{node['bonusbits_base']['chef_path']})"
 ]
 message_list.each do |message|
   Chef::Log.warn(message)