From 60d716aa662fdb298999f18e018ad392683f7810 Mon Sep 17 00:00:00 2001
From: Cody Green
Date: Thu, 21 May 2020 06:21:03 -0500
Subject: [PATCH 1/5] added FAST controls
---
 controls/bigip.rb | 28 ++++++++++++++++++++++++++
 inspec.yml | 50 ++++++++++++++++++++++++-----------------------
 2 files changed, 54 insertions(+), 24 deletions(-)
diff --git a/controls/bigip.rb b/controls/bigip.rb
index 95ed655..38f2b94 100644
--- a/controls/bigip.rb
+++ b/controls/bigip.rb
@@ -9,6 +9,7 @@
 DO_VERSION = input('do_version')
 AS3_VERSION = input('as3_version')
 TS_VERSION = input('ts_version')
+FAST_VERSION = input('fast_version')
 control "bigip-connectivity" do
 impact 1.0
@@ -97,6 +98,33 @@
 end
 end
+control "bigip-fast" do
+ impact 1.0
+ title "BIG-IP has F5 Application Service Templates"
+ # is the declarative onboarding end point available?
+ describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
+ auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
+ params: {format: 'html'},
+ method: 'GET',
+ ssl_verify: false) do
+ its('status') { should cmp 200 }
+ its('headers.Content-Type') { should match 'application/json' }
+ end
+end
+
+control "bigip-telemetry-streaming-version" do
+ impact 1.0
+ title "BIG-IP has specified version of Application Services"
+ describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
+ auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
+ params: {format: 'html'},
+ method: 'GET',
+ ssl_verify: false).body) do
+ its('version') { should eq FAST_VERSION }
+
+ end
+end
+
 control "bigip-licensed" do
 impact 1.0
 title "BIG-IP has an active license"
diff --git a/inspec.yml b/inspec.yml
index 42dd9be..f677aa0 100644
--- a/inspec.yml
+++ b/inspec.yml
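Review bot: Both new controls in controls/bigip.rb (`bigip-fast` and the FAST version control that follows it) send `BIGIP_USER`/`BIGIP_PASSWORD` as basic auth with `ssl_verify: false`, so the management endpoint's certificate is never checked and a host impersonating that address would receive the admin credentials. The same setting appears on the existing controls shown as context in the later patches of this series, so it looks like a profile-wide convention. Consider an input that defaults to verification on, e.g. `ssl_verify: input('ssl_verify', value: true)`, so that lab runs against self-signed certificates have to opt out explicitly. Separately, the comment `# is the declarative onboarding end point available?` above the `bigip-fast` describe was copied from the DO control and should read `# is the FAST end point available?`.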
@@ -9,27 +9,29 @@ version: 0.1.0
 supports:
 platform: os
 inputs:
-- name: bigip_address
- description: ip address of the BIG-IP to test
- required: true
-- name: bigip_port
- description: management port on the BIG-IP
- value: 443
- required: false
-- name: user
- description: user to connect to the BIG-IP as
- value: admin
- required: false
-- name: password
- description: password to connect to the BIG-IP with
- required: true
-- name: do_version
- description: required version of declarative onboarding
- required: false
-- name: as3_version
- description: required version of application services (AS3)
- required: false
-- name: ts_version
- description: required version of telemetry streaming
- required: false
-
\ No newline at end of file
+ - name: bigip_address
+ description: ip address of the BIG-IP to test
+ required: true
+ - name: bigip_port
+ description: management port on the BIG-IP
+ value: 443
+ required: false
+ - name: user
+ description: user to connect to the BIG-IP as
+ value: admin
+ required: false
+ - name: password
+ description: password to connect to the BIG-IP with
+ required: true
+ - name: do_version
+ description: required version of declarative onboarding
+ required: false
+ - name: as3_version
+ description: required version of application services (AS3)
+ required: false
+ - name: ts_version
+ description: required version of telemetry streaming
+ required: false
+ - name: fast_version
+ description: required version of F5 application services templates
+ required: false
From dfa5ca271d33f2ce69bca713635f3908309a5f33 Mon Sep 17 00:00:00 2001
From: Cody Green
Date: Thu, 21 May 2020 08:06:02 -0500
Subject: [PATCH 2/5] fix control name duplication
---
 controls/bigip.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/controls/bigip.rb b/controls/bigip.rb
index 38f2b94..8addc07 100644
--- a/controls/bigip.rb
+++ b/controls/bigip.rb
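Review bot: The `password` input in inspec.yml carries the BIG-IP admin credential but is declared like any other input, so its value may end up in InSpec reporter output or debug logs; if the InSpec version in use supports it, add `sensitive: true` under `- name: password`. The new `fast_version` input is `required: false` with no `value`, while the FAST version control in controls/bigip.rb compares against it unconditionally. A run that omits it will presumably fail that control rather than skip it, so either guard the control or state in the `description` that the version check only makes sense when the input is supplied.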
@@ -112,7 +112,7 @@
 end
 end
-control "bigip-telemetry-streaming-version" do
+control "bigip-fast-version" do
 impact 1.0
 title "BIG-IP has specified version of Application Services"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
From 17f22e91f15a5fdf5d958cdb87fb237e0e59378b Mon Sep 17 00:00:00 2001
From: Cody Green
Date: Thu, 21 May 2020 08:14:08 -0500
Subject: [PATCH 3/5] troubleshoot 404 error
---
 controls/bigip.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/controls/bigip.rb b/controls/bigip.rb
index 8addc07..0bc3712 100644
--- a/controls/bigip.rb
+++ b/controls/bigip.rb
@@ -114,14 +114,13 @@
 control "bigip-fast-version" do
 impact 1.0
- title "BIG-IP has specified version of Application Services"
+ title "BIG-IP has specified version of F5 Application Service Templates"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
 params: {format: 'html'},
 method: 'GET',
 ssl_verify: false).body) do
 its('version') { should eq FAST_VERSION }
-
 end
 end
From 49a4f86e51b86df1437255e35b451bdaa989da29 Mon Sep 17 00:00:00 2001
From: Mark Menger
Date: Thu, 21 May 2020 14:23:57 +0000
Subject: [PATCH 4/5] remove html format params
---
 controls/bigip.rb | 8 --------
 1 file changed, 8 deletions(-)
diff --git a/controls/bigip.rb b/controls/bigip.rb
index 0bc3712..a989e48 100644
--- a/controls/bigip.rb
+++ b/controls/bigip.rb
@@ -25,7 +25,6 @@
 # is the declarative onboarding end point available?
 describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/declarative-onboarding/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false) do
 its('status') { should cmp 200 }
@@ -38,7 +37,6 @@
 title "BIG-IP has specified version of Declarative Onboarding"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/declarative-onboarding/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false).body) do
 its([0,'version']) { should eq DO_VERSION }
@@ -51,7 +49,6 @@
 # is the declarative onboarding end point available?
 describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/appsvcs/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false) do
 its('status') { should cmp 200 }
@@ -64,7 +61,6 @@
 title "BIG-IP has specified version of Application Services"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/appsvcs/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false).body) do
 its('version') { should eq AS3_VERSION }
@@ -77,7 +73,6 @@
 # is the declarative onboarding end point available?
 describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/telemetry/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false) do
 its('status') { should cmp 200 }
@@ -90,7 +85,6 @@
 title "BIG-IP has specified version of Application Services"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/telemetry/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false).body) do
 its('version') { should eq TS_VERSION }
@@ -104,7 +98,6 @@
 # is the declarative onboarding end point available?
 describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false) do
 its('status') { should cmp 200 }
@@ -117,7 +110,6 @@
 title "BIG-IP has specified version of F5 Application Service Templates"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/fast/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
- params: {format: 'html'},
 method: 'GET',
 ssl_verify: false).body) do
 its('version') { should eq FAST_VERSION }
From c47d154fa6f63ed23d316db04a4f75066a00c5b8 Mon Sep 17 00:00:00 2001
From: Mark Menger
Date: Thu, 21 May 2020 14:40:45 +0000
Subject: [PATCH 5/5] change telemetry streaming control title
---
 controls/bigip.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/controls/bigip.rb b/controls/bigip.rb
index a989e48..78b33a4 100644
--- a/controls/bigip.rb
+++ b/controls/bigip.rb
@@ -69,7 +69,7 @@
 control "bigip-telemetry-streaming" do
 impact 1.0
- title "BIG-IP has Application Services"
+ title "BIG-IP has Telemetry Streaming"
 # is the declarative onboarding end point available?
 describe http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/telemetry/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
@@ -82,7 +82,7 @@
 control "bigip-telemetry-streaming-version" do
 impact 1.0
- title "BIG-IP has specified version of Application Services"
+ title "BIG-IP has specified version of Telemetry Streaming"
 describe json(content: http("https://#{BIGIP_HOST}:#{BIGIP_PORT}/mgmt/shared/telemetry/info",
 auth: {user: BIGIP_USER, pass: BIGIP_PASSWORD},
 method: 'GET',