.fixtures.yml

@@ -5,3 +5,10 @@ fixtures:
     stdlib: "puppetlabs/stdlib"
     apt: "puppetlabs/apt"
     translate: "puppetlabs/translate"
+    auditd: "simp/auditd"
+    simplib: "simp/simplib"
+    augeas_core: "herculesteam/augeasproviders_core"
+    augeaslibs: "herculesteam/augeasproviders_grub"
+    archive: "puppet/archive"
+    remote_file: "lwf/remote_file"
+    concat: "puppetlabs/concat"

.gitignore

@@ -1,9 +1,18 @@
+.DS_Store
 .kitchen/
 .bundle
 .kitchen.local.yml
 .librarian/
+*.swp
+*.orig
+*.log
+*.rpm
+*.deb
 .ruby-version
 .tmp/
+.vagrant
+config.sh
+test.pp
 modules/
 pkg
 Gemfile.lock

.kitchen.yml

@@ -1,11 +1,12 @@
 ---
 driver:
-  name: vagrant
+  name: docker
 
 provisioner:
   name: puppet_apply
   modules_path: modules
   manifests_path: manifests
+  ignore_spec_fixtures: true
   <% if ENV['PUPPET3'] != nil %>
   require_puppet_collections: false
   <% else %>
@@ -21,16 +22,189 @@ provisioner:
     ts_package_version: <%= ENV['TS_PACKAGE_VERSION'] %>
     <% end %>
 
+transport:
+  name: ssh
+  max_ssh_sessions: 1
+
 platforms:
-  - name: centos-6.7
-  - name: centos-7.3
-  - name: debian-7.8
-  - name: fedora-25
-  - name: ubuntu-12.04
-  - name: ubuntu-14.04
+  - name: amazon-1
+    driver_config:
+      image: amazonlinux:1
+      platform: amazonlinux
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - chkconfig auditd on
+  - name: amazon-2
+    driver_config:
+      image: amazonlinux:2
+      platform: amazonlinux
+      run_command: /sbin/init
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: centos-7
+    driver_config:
+      image: centos:7
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: centos-8
+    driver_config:
+      image: centos:8
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: centos-8-arm
+    provisioner:
+      puppet_yum_collections_repo: https://yum.puppet.com/puppet/puppet-release-el-8.noarch.rpm
+    driver_config:
+      image: arm64v8/centos:8
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      privileged: true
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - yum install -y audit initscripts
+        - sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
+        - systemctl enable auditd.service
+  - name: debian-8
+    driver_config:
+      image: debian:8
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: debian-9
+    provisioner:
+      puppet_apt_collections_repo: http://apt.puppetlabs.com/puppet7-release-stretch.deb
+    driver_config:
+      image: debian:9
+      run_command: /bin/systemd
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: debian-10
+    driver_config:
+      image: debian:10
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
   - name: ubuntu-16.04
+    driver_config:
+      image: ubuntu:16.04
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: ubuntu-18.04
+    driver_config:
+      image: ubuntu:18.04
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: ubuntu-20.04
+    provisioner:
+      puppet_apt_collections_repo: https://apt.puppetlabs.com/puppet7-release-focal.deb
+    driver_config:
+      image: ubuntu:20.04
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
+  - name: ubuntu-20.04-arm
+    provisioner:
+      puppet_apt_collections_repo: https://apt.puppetlabs.com/puppet7-release-focal.deb
+    driver_config:
+      image: arm64v8/ubuntu:20.04
+      run_command: /sbin/init
+      cap_add:
+        - SYS_ADMIN
+      run_options:
+        env: container=docker
+      volume:
+        - /sys/fs/cgroup:/sys/fs/cgroup
+      provision_command:
+        - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+        - systemctl enable ssh.service
 
 suites:
   - name: default
     provisioner:
       manifest: site.pp
+  - name: custom
+    provisioner:
+      manifest: site.pp
+      facter_file: test/data/test_custom_fact.rb

.travis.yml

@@ -1,11 +1,14 @@
 language: ruby
+rvm:
+  - 2.5
 before_install:
   - curl https://apt.puppetlabs.com/DEB-GPG-KEY-puppet | sudo apt-key add -
   - curl -O https://apt.puppetlabs.com/puppet5-release-trusty.deb
   - sudo dpkg -i puppet5-release-trusty.deb
   - sudo apt-get update -q
   - sudo apt-get install -y lsb-release puppet-agent
-  - /opt/puppetlabs/puppet/bin/gem install bundler
+  - /opt/puppetlabs/puppet/bin/gem install bundler rake
+  - gem install bundler rake
 bundler_args: "--without system_tests"
 before_script:
   - export PATH=$PATH:/opt/puppetlabs/puppet/bin

CHANGELOG.md

@@ -2,6 +2,52 @@
 
 We'll track changes here starting with details about the 2.0 release and reference to earlier releases.
 
+## 2.0.11
+- switched to using [simp/auditd](https://forge.puppet.com/modules/simp/auditd) to deal with `auditd`
+  - the [kemra102/auditd](https://forge.puppet.com/modules/kemra102/auditd) module appears to be abandoned and doesn't support RHEL 8
+
+## 2.0.10
+### Added
+- updated README with support for
+  - Debian 10
+  - Ubuntu 20.04
+  - CentOS/RedHat 8
+- updated tests for newer distros
+- added optional parameter to enable/disable yum repo on rhel
+
+## 2.0.9
+### Fixed
+- merged PR simplifying ruleset args
+  - https://github.com/threatstack/threatstack-puppet/pull/47
+
+## 2.0.8
+### Fixed
+- merged PR fixing amazon linux 1/upstart service compatibility
+- also uses `remote_file` vs. `file` resource in windows manifest
+  - https://github.com/threatstack/threatstack-puppet/pull/45
+- merged PR defaulting to default apt keyserver
+  - https://github.com/threatstack/threatstack-puppet/pull/46
+- thanks @carthik and @amlodzianowski!
+
+## 2.0.7
+### Changed
+- use a service resource to manage auditd vs. an exec
+
+## 2.0.6
+### Added
+- added basic support for downloading, configuring, installing, running windows agent
+
+## 2.0.2
+### Fixed
+- fixed amazon linux 1 support and tests
+
+## 2.0.1
+### Changed
+- added optional parameter `disable_auditd` to handle issues users reported installing on RHEL-like OSes
+
+### Fixed
+- fixed amazon linux 2 yum repo assignment
+
 ## 2.0
 ### This release tracks the release of the Threat Stack Agent 2.0
 

CONTRIBUTING.md

@@ -0,0 +1,11 @@
+Contributing to Threat Stack Agent Puppet Module
+=============================
+
+We encourage anyone to provide enchancements/fixes to this repository. Simply fork, commit, and then open a PR back to the parent repository.
+
+
+### What makes a good PR?
+
+* Make sure you update the README.md with any new/removed/changed values parameters.
+* Write tests that cover your proposed changes.
+* Make sure the tests documented in the [README](README.md) run as expected on all platforms.

Gemfile

@@ -1,9 +1,7 @@
-source 'https://rubygems.org'
-
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
-group :development, :unit_tests do
-  gem 'rake',                         :require => false
+group :development, :unit_tests , :test do
+  gem 'rake', "13.0.1",               :require => false
   gem 'rspec-puppet', "2.7.2",        :require => false
   gem 'puppetlabs_spec_helper',       :require => false
   gem 'puppet-lint', "2.3.6",         :require => false
@@ -14,15 +12,16 @@ group :development, :unit_tests do
   gem 'metadata-json-lint', '2.2.0',  :require => false
   gem 'vagrant-wrapper',              :require => false
   gem 'puppet-blacksmith',            :require => false
-  gem 'rest-client', ">=1.7.3",       :require => false
+  gem 'rest-client', ">=1.8",         :require => false
   gem 'semantic_puppet',              :require => false
   gem 'rspec-puppet-facts', '~> 1.7', :require => false
 end
+
 group :system_tests do
   gem 'serverspec',      :require => false
   gem 'test-kitchen',    :require => false
   gem 'kitchen-puppet',  :require => false
-  gem 'kitchen-vagrant', :require => false
+  gem 'kitchen-docker', :require => false
 end
 
 if facterversion = ENV['FACTER_GEM_VERSION']

Puppetfile

@@ -1,4 +1,9 @@
 # Here for kitchen-puppet.
 forge "https://forgeapi.puppetlabs.com"
 
-mod 'puppetlabs-stdlib'
+mod 'puppetlabs-stdlib', '4.20.0'
+
+mod 'puppetlabs-apt', '6.2.1'
+mod 'lwf-remote_file', '1.1.3'
+mod 'puppet-archive', '4.3.0'
+mod 'simp-auditd', '8.6.1'