Merge pull request #28 from olhado/remove-1x

Remove 1x

Author: olhado

.gitignore

@@ -1,3 +1,4 @@
+.DS_Store
 .kitchen/
 .bundle
 .kitchen.local.yml

.kitchen.yml

@@ -1,46 +1,199 @@
 ---
 driver:
-  name: vagrant
+  name: docker
 
 provisioner:
   name: salt_solo
+  bootstrap_url: 'https://raw.githubusercontent.com/olhado/kitchen-salt/master/assets/install.sh'
   is_file_root: true
   # Use this section (and comment out the `threatstack.sls` definition in the `pillars` section)
   # to grab pillar data from the `pillar.example` file
-  pillars_from_files:
-    threatstack.sls: pillar.example
+  # pillars_from_files:
+  #   threatstack.sls: pillar.example
   pillars:
     top.sls:
       base:
         '*':
           - threatstack
     # Use this section (and comment out the `pillars_from_files` section)
     # to grab pillar data from environment variables
-    # threatstack.sls:
-    #   deploy_key: <%= ENV['TS_DEPLOY_KEY'] != nil ? ENV['TS_DEPLOY_KEY'] : 'ts_deploy_key' %>
-    #   ts_agent_version: <%= ENV['TS_PACKAGE_VERSION'] %>
-    #   <% if ENV['TS_CONFIG_ARGS'] %>
-    #   ts_agent_config_args: <%= ENV['TS_CONFIG_ARGS'] %>
-    #   <% end %>
-    #   ts_agent_version: <%= ENV['TS_PACKAGE_VERSION'] %>
-    # ts_configure_agent: <%= ENV['TS_CONFIGURE_AGENT'] %>
-    # ts_agent_latest: <%= ENV['TS_AGENT_LATEST'] %>
-    #   <% if ENV['TS_SETUP_ARGS'] %>
-    #   ts_agent_extra_args: <%= ENV['TS_SETUP_ARGS'] %>
-    #   <% end %>
+    threatstack.sls:
+      deploy_key: <%= ENV['TS_DEPLOY_KEY'] != nil ? ENV['TS_DEPLOY_KEY'] : 'ts_deploy_key' %>
+      <% if ENV['TS_PACKAGE_VERSION'] %>
+      ts_agent_version: <%= ENV['TS_PACKAGE_VERSION'] %>
+      <% end %>
+      <% if ENV['TS_CONFIGURE_AGENT'] %>
+      ts_configure_agent: <%= ENV['TS_CONFIGURE_AGENT'] %>
+      <% end %>
+      <% if ENV['TS_SETUP_ARGS'] %>
+      ts_agent_extra_args: <%= ENV['TS_SETUP_ARGS'] %>
+      <% end %>
+      <% if ENV['TS_CONFIG_ARGS'] %>
+      ts_agent_config_args: <%= ENV['TS_CONFIG_ARGS'] %>
+      <% end %>
   state_top:
     base:
       '*':
         - threatstack
 
 platforms:
-  - name: centos-6
-  - name: centos-7.6
-  - name: debian-8.11
-  - name: debian-9.6
-  - name: ubuntu-14.04
+  - name: amazonlinux-1
+    image: amazonlinux:1
+    driver_config:
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y ruby24
+        - alternatives --set ruby /usr/bin/ruby2.4
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - chkconfig auditd on
+  - name: amazonlinux-2
+    image: amazonlinux:2
+    driver_config:
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - amazon-linux-extras install ruby2.6
+        - yum install -y ruby-devel gcc make
+        - gem install io-console --install-dir=/tmp/verifier/gems
+        - chown -R kitchen:kitchen /tmp/verifier
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+    image: centos:7
+  - name: centos-7
+    image: centos:7
+    driver_config:
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y ruby ruby-devel git
+        - yum install -y centos-release-scl-rh
+        - yum install -y rh-ruby26
+        - mkdir -p /opt/chef/embedded/bin
+        - ln -s "/opt/rh/rh-ruby26/root/usr/bin/gem" /opt/chef/embedded/bin/
+        - ln -s "/opt/rh/rh-ruby26/root/usr/bin/ruby" /opt/chef/embedded/bin/
+        - |
+          printf "LD_LIBRARY_PATH=/opt/rh/rh-ruby26/root/usr/local/lib64:/opt/rh/rh-ruby26/root/usr/lib64\n"\
+          >> /etc/environment
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: centos-8
+    image: centos:8
+    driver_config:
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: debian-8
+    image: debian:8
+    driver_config:
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - |
+          apt-get install -y checkinstall build-essential zlib1g-dev libssl-dev libreadline6-dev libyaml-dev wget && \
+          wget https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.tar.gz && \
+          tar xfz ruby-2.6.6.tar.gz && \
+          echo "364b143def360bac1b74eb56ed60b1a0dca6439b00157ae11ff77d5cd2e92291 ruby-2.6.6.tar.gz" | sha256sum -c && \
+          cd ruby-2.6.6 && ./configure && make && make install && rm ../ruby-2.6.6.tar.gz
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: debian-9
+    image: debian:9
+    driver_config:
+      run_command: /bin/systemd
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: debian-10
+    image: debian:10
+    driver_config:
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
   - name: ubuntu-16.04
+    image: ubuntu:16.04
+    driver_config:
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
   - name: ubuntu-18.04
+    image: ubuntu:18.04
+    driver_config:
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: ubuntu-20.04
+    image: ubuntu:20.04
+    driver_config:
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
 
 suites:
   - name: default
+  - name: custom
+    provisioner:
+      pillars:
+        threatstack.sls:
+          ts_agent_config_args: "--set log.maxSize 22"

Gemfile

@@ -1,15 +1,13 @@
-source 'https://rubygems.org'
-
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 group :development, :unit_tests do
-  gem 'rake',                        :require => false
+  gem 'rake',           :require => false
 end
 group :system_tests do
-  gem 'serverspec',      :require => false
-  gem 'test-kitchen',    :require => false
-  gem 'kitchen-salt',  :require => false
-  gem 'kitchen-vagrant', :require => false
+  gem 'serverspec',     :require => false
+  gem 'test-kitchen',   :require => false
+  gem 'kitchen-salt',   :require => false
+  gem 'kitchen-docker', :require => false
 end
 
 # vim:ft=ruby

README.md

@@ -2,7 +2,13 @@
 
 A formula for installing Threat Stack agent
 
-This formula supports installing agent 1.x and agent 2.x
+This formula supports installing agent 2.x
+
+>>>
+**No longer supports Threat Stack agent 1.x**
+
+For 1.x support, look at the 2.x versions of this formula.
+>>>
 
 ## Available states
 The following states are available:
@@ -16,13 +22,10 @@ The following states are available:
 * `ts_configure_agent:`     [optional] If the agent should be configured during run.  Set to False if installing agent into an AMI.
     * ex. True
 * `ts_agent_version:`       [optional] Version of agent to install.  By default if this setting is omitted, the latest version will be installed.  Set a version to maintain consistency in an environment.
-    * ex. "1.4.5.0ubuntu14.0"
-* `ts_agent_config_args:`   [optional] Optional arguments to be passed to `cloudsight config` or `tsagent config` (depends on version of agent).  Use this to enable optional features.
-    * agent 1.x ex. "--enable_foo=1"
+    * ex. "2.0.0.0ubuntu20.0"
     * agent 2.x ex. "--set enable_foo 1"
-* `ts_agent_extra_args:`    [optional] Optional arguments to be passed to `cloudsight setup` or `tsagent setup` (depends on version of agent).
-    * Please refer to the agent documentation or check the appropriate help output for `cloudsight setup`/`tsagent setup`.
-* `ts_agent_1x_platforms:`  [required] This list defines the linux distributions (and versions) that should use the 1.x agent. This should only be changed if you have reviewed this salt formula, and understand the ramifications.
+* `ts_agent_extra_args:`    [optional] Optional arguments to be passed to `tsagent setup`.
+    * Please refer to the agent documentation or check the appropriate help output for `tsagent setup`.
 
 ## Testing
 There is currently no spec testing as a saltstack rspec module does not exist.
@@ -34,7 +37,7 @@ Integration testing can be configured two different ways.
 This method requires the following:
 * Uncommenting the section for `threatstack.sls` in `.kitchen.yml`
 * Commenting out the `pillars_from_files` section in `.kitchen.yml`
-* Setting `TS_DEPLOY_KEY` in the environment to a valid key value for tests to succeed.
+* Setting `TS_DEPLOY_KEY`, `TS_CONFIGURE_AGENT`, `TS_PACKAGE_VERSION` in the environment to a valid key value for tests to succeed.
 ```
 export TS_DEPLOY_KEY='<deploy_key>'
 bundle exec kitchen test

pillar.example

@@ -1,6 +1,5 @@
 deploy_key: "xxxx-xxxx-your-secret-key-xxxx"
+ts_agent_version: 2.3.0*
 ts_configure_agent: True
-ts_agent_version: 1.4.5.0ubuntu14.0
-ts_agent_config_args: '--enable_foo=1'
 ts_agent_extra_args: ''
-ts_agent_1x_platforms: ['CentOS-6', 'RHEL-6', 'Ubuntu-trusty', 'Debian-wheezy']
+ts_agent_config_args: ''

test/integration/custom/serverspec/default_spec.rb

@@ -0,0 +1,16 @@
+require 'serverspec'
+
+set :backend, :exec
+
+describe package('threatstack-agent') do
+  it { should be_installed }
+end
+
+describe service('threatstack') do
+  it { should be_running }
+  it { should be_enabled }
+end
+
+describe command('tsagent config --list') do
+  its(:stdout) { should match /log.maxSize=22/ } # rubocop: disable Lint/AmbiguousRegexpLiteral
+end

test/integration/default/serverspec/default_spec.rb

@@ -0,0 +1,17 @@
+require 'serverspec'
+
+set :backend, :exec
+
+describe package('threatstack-agent') do
+  it { should be_installed }
+end
+
+describe service('threatstack') do
+  it { should be_running }
+  it { should be_enabled }
+end
+
+describe command('tsagent status') do
+  # Sometimes due to other services, like auditd, the install would be successful, but then this service would get killed
+  its(:stdout) { should match /UP Threat Stack Audit Collection/ } # rubocop: disable Lint/AmbiguousRegexpLiteral
+end