Amazon 1 tests (#35)

* created auditd test branch

* don't reassign that variable

* move that down a bit in the case statements

* fix amazon linux repo url and auditd disabling

* updated spec for yum/amazon test

* use old style os fact

* ensure facts are in specs

* wow, okay. missed another spot.

* disable auditd on rhel like oses

* don't set param twice

* updated readme and changelog

* updated metadata

* fix amazon linux 1 compatibility

* fix style

* make sure debian has this param defined, just in case

* fix amazon linux 1 spec tests

* fact wasn't defined

* and another one

* updated changelog, readme

Author: rockpapergoat

CHANGELOG.md

@@ -2,6 +2,10 @@
 
 We'll track changes here starting with details about the 2.0 release and reference to earlier releases.
 
+## 2.0.2
+### Fixed
+- fixed amazon linux 1 support and tests
+
 ## 2.0.1
 ### Changed
 - added optional parameter `disable_auditd` to handle issues users reported installing on RHEL-like OSes

README.md

@@ -41,6 +41,7 @@ Parameters
 * `threatstack::configure_agent` [optiona bool] - Set to false to just install agent without configuring. Useful for image building.
 * `threatstack::agent_config_args` [optional array of hashes] - Extra arguments to pass during agent activation. Useful for enabling new platform features.
 * `threatstack::disable_auditd` [optional bool] - Disable `auditd` service to avoid installation issues. (Default is 'true' on RHEL-like OSes.)
+* `threatstack::disable_auditd_cmd` [optional string] - related to `threatstack::disable_auditd`, the OS version dependent command to disable auditd (Default: set in `threatstack::params` based on operating system)
 * `threatstack::extra_args` [optional array of hashes] - optional array of hashes to define setup options for the threatstack agent (Default: `undef`)
 * `threatstack::confdir` [optional string] - path to config directory for the threatstack service (Default: '/opt/threatstack/etc')
 * `threatstack::ts_hostname` [optional string] - hostname of your node (Default: `$::fqdn`)

manifests/init.pp

@@ -12,6 +12,10 @@
 #   Required to work around issues with auditd on some distros
 #   type: bool
 #
+# [*disable_auditd_cmd*]
+#   Systemd vs. SysV init, related to above
+#   type: string
+#
 # [*extra_args*]
 #   Extra arguments to pass on the command line during agent activation.
 #   type: array of hashes
@@ -80,18 +84,19 @@
 # Copyright 2016 Threat Stack, Inc.
 #
 class threatstack (
-  $deploy_key        = undef,
-  $package_version   = $::threatstack::params::package_version,
-  $configure_agent   = true,
-  $extra_args        = $::threatstack::params::extra_args,
-  $agent_config_args = undef,
-  $repo_class        = $::threatstack::params::repo_class,
-  $repo_url          = $::threatstack::params::repo_url,
-  $gpg_key           = $::threatstack::params::gpg_key,
-  $rulesets          = $::threatstack::params::rulesets,
-  $confdir           = $::threatstack::params::confdir,
-  $ts_hostname       = $::fqdn,
-  $disable_auditd    = $::threatstack::params::disable_auditd
+  $deploy_key         = undef,
+  $package_version    = $::threatstack::params::package_version,
+  $configure_agent    = true,
+  $extra_args         = $::threatstack::params::extra_args,
+  $agent_config_args  = undef,
+  $repo_class         = $::threatstack::params::repo_class,
+  $repo_url           = $::threatstack::params::repo_url,
+  $gpg_key            = $::threatstack::params::gpg_key,
+  $rulesets           = $::threatstack::params::rulesets,
+  $confdir            = $::threatstack::params::confdir,
+  $ts_hostname        = $::fqdn,
+  $disable_auditd     = $::threatstack::params::disable_auditd,
+  $disable_auditd_cmd = $::threatstack::params::disable_auditd_cmd
 ) inherits ::threatstack::params {
 
   $ts_package = $::threatstack::params::ts_package

manifests/package.pp

@@ -27,7 +27,7 @@
     }
 
     exec { 'disable_auditd':
-      command => '/bin/systemctl disable auditd',
+      command => $::threatstack::disable_auditd_cmd,
       require => Exec['stop_auditd']
     }
 

manifests/params.pp

@@ -36,22 +36,31 @@
 
       case $facts['os']['name'] {
         'Amazon': {
-              $repo_url       = "https://pkg.threatstack.com/v2/Amazon/${::operatingsystemmajrelease}"
-            }
+          if $facts['os']['release']['major'] =~ /^201\d$/ {
+            $releasever         = '1'
+            $disable_auditd_cmd = '/sbin/chkconfig auditd off'
+          } else {
+            $releasever         = $facts['os']['release']['major']
+            $disable_auditd_cmd = '/bin/systemctl disable auditd'
+          }
+            $repo_url = "https://pkg.threatstack.com/v2/Amazon/${releasever}"
+        }
         /(CentOS|RedHat)/: {
-              $repo_url         = "https://pkg.threatstack.com/v2/EL/${::operatingsystemmajrelease}"
-            }
+              $repo_url           = "https://pkg.threatstack.com/v2/EL/${::operatingsystemmajrelease}"
+              $disable_auditd_cmd = '/bin/systemctl disable auditd'
+        }
         default: { fail("Module ${module_name} does not support ${::operatingsystem}") }
       }
     }
     'Debian': {
-      $repo_class     = '::threatstack::apt'
-      $repo_url       = 'https://pkg.threatstack.com/v2/Ubuntu'
-      $repo_gpg_id    = 'ACCC2B02EA3A2409557B0AB991BB3B3C6EE04BD4'
-      $release        = $facts['os']['distro']['codename']
-      $repos          = 'main'
-      $gpg_key        = 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK'
-      $disable_auditd = false
+      $repo_class         = '::threatstack::apt'
+      $repo_url           = 'https://pkg.threatstack.com/v2/Ubuntu'
+      $repo_gpg_id        = 'ACCC2B02EA3A2409557B0AB991BB3B3C6EE04BD4'
+      $release            = $facts['os']['distro']['codename']
+      $repos              = 'main'
+      $gpg_key            = 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK'
+      $disable_auditd     = false
+      $disable_auditd_cmd = '/bin/systemctl disable auditd'
     }
     default: {
       fail("Module ${module_name} does not support ${::operatingsystem}")

spec/classes/configure_spec.rb

@@ -59,7 +59,7 @@
     )}
   end
 
-  context 'on Amazon Linux' do
+  context 'on Amazon Linux 2' do
     let(:facts) {  {'operatingsystemmajrelease' => '2', 'os' => {  'release' => { 'major' => '2'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
     let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" }
 
@@ -68,4 +68,13 @@
     )}
   end
 
+  context 'on Amazon Linux 1' do
+    let(:facts) {  {'operatingsystemmajrelease' => '2018', 'os' => {  'release' => { 'major' => '2018'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
+    let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', ts_hostname => '#{ts_hostname}', rulesets => ['Default Ruleset', 'Service Ruleset'], agent_config_args => [{'log.level' => 'debug'}]}" }
+
+    it { should contain_exec('threatstack-agent-setup').with(
+      :command => "/usr/bin/tsagent setup --deploy-key='#{deploy_key}' --hostname='#{ts_hostname}' --ruleset='Default Ruleset' --ruleset='Service Ruleset'"
+    )}
+  end
+
 end

spec/classes/init_spec.rb

@@ -60,8 +60,8 @@
 
   end
 
-  context 'on Amazon' do
-    let(:facts) { { 'operatingsystemmajrelease' => '2', 'os' => { 'name' => 'Amazon', 'family' => 'RedHat'} } }
+  context 'on Amazon Linux 2' do
+    let(:facts) { { 'operatingsystemmajrelease' => '2', 'os' => { 'name' => 'Amazon', 'family' => 'RedHat', 'release' => { 'major' => '2'}} } }
     let(:params) { { :deploy_key => "#{deploy_key}" } }
 
     it 'should compile' do should create_class('threatstack') end
@@ -71,5 +71,15 @@
   end
 
 
+  context 'on Amazon Linux 1' do
+    let(:facts) { { 'operatingsystemmajrelease' => '2018', 'os' => { 'name' => 'Amazon', 'family' => 'RedHat', 'release' => { 'major' => '2018'}} } }
+    let(:params) { { :deploy_key => "#{deploy_key}" } }
+
+    it 'should compile' do should create_class('threatstack') end
+    it { should contain_class('threatstack::package') }
+    it { should contain_class('threatstack::configure') }
+
+  end
+
 
 end

spec/classes/package_spec.rb

@@ -21,7 +21,7 @@
     end
   end
 
-  context 'on Amazon Linux' do
+  context 'on Amazon Linux 2' do
     let(:facts) {  {'operatingsystemmajrelease' => '2', 'os' => {  'release' => { 'major' => '2'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
     let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" }
 
@@ -30,6 +30,15 @@
     end
   end
 
+  context 'on Amazon Linux 1' do
+    let(:facts) {  {'operatingsystemmajrelease' => '1', 'os' => {  'release' => { 'major' => '1'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
+    let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK', repo_class => '::threatstack::yum' }" }
+
+    context 'package' do
+      it { should contain_package('threatstack-agent').with_ensure('installed') }
+    end
+  end
+
   context 'on Debian 8' do
     let(:facts) { {'osfamily' => 'Debian', 'os' => { 'name' => 'Debian', 'release' => {'full' => '8.11', 'major' => '8', 'minor' => '11'}, 'distro' => {'codename' => 'jessie'}, 'family' => 'Debian'} } }
     let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK', repo_class => '::threatstack::apt' }" }

spec/classes/yum_spec.rb

@@ -35,7 +35,7 @@
     end
   end
 
-  context 'on Amazon' do
+  context 'on Amazon Linux 2' do
     let(:facts) {  {'operatingsystemmajrelease' => '2', 'os' => {  'release' => { 'major' => '2'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
     let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' }" }
 
@@ -50,4 +50,18 @@
     end
   end
 
+  context 'on Amazon Linux 1' do
+    let(:facts) {  {'operatingsystemmajrelease' => '2018', 'os' => {  'release' => { 'major' => '2018'}, 'name' => 'Amazon', 'family' => 'RedHat'} } }
+    let(:pre_condition) { "class { 'threatstack': deploy_key => '#{deploy_key}', gpg_key => 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK' }" }
+
+    context 'default' do
+      it { should contain_yumrepo('threatstack').with(
+        :descr     => 'Threat Stack Package Repository',
+        :enabled   => 1,
+        :baseurl   => 'https://pkg.threatstack.com/v2/Amazon/1',
+        :gpgcheck  => 1,
+        :gpgkey    => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-THREATSTACK'
+      ) }
+    end
+  end
 end