From 8291e4ab9fa0317090bc5f0f636d8b40580d640b Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Mon, 15 Apr 2019 21:52:08 +0200 Subject: [PATCH 1/9] Added a successful installation on provided Docker containers with Molecule --- molecule/default/molecule.yml | 25 ++++++++---- molecule/default/playbook.yml | 8 ++-- molecule/default/prepare.yml | 20 +++++++++- .../ansible-wazuh-manager/defaults/main.yml | 1 + .../ansible-wazuh-manager/handlers/main.yml | 2 + .../wazuh/ansible-wazuh-manager/meta/main.yml | 28 +++++++------- .../ansible-wazuh-manager/tasks/Debian.yml | 38 ++++++++++++++++--- .../ansible-wazuh-manager/tasks/RedHat.yml | 23 ++++++++--- .../ansible-wazuh-manager/tasks/main.yml | 38 +++++++++++-------- 9 files changed, 131 insertions(+), 52 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 19fba1ffd..e18bd1f9b 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -7,20 +7,31 @@ lint: name: yamllint enabled: false # fix in seperate PR platforms: - - name: bionic + - name: wazuh_manager_bionic image: ubuntu:bionic - - name: xenial + groups: + - wazuh_manager + - name: wazuh_manager_xenial image: ubuntu:xenial - - name: trusty + groups: + - wazuh_manager + - name: wazuh_manager_trusty image: ubuntu:trusty - - name: centos6 + groups: + - wazuh_manager + - name: wazuh_manager_centos6 image: centos:6 - - name: centos7 - image: centos:7 + groups: + - wazuh_manager + - name: wazuh_manager_centos7 + image: milcom/centos7-systemd + privileged: True + groups: + - wazuh_manager provisioner: name: ansible env: - ANSIBLE_ROLES_PATH: $HOME/wazuh-ansible/roles + ANSIBLE_ROLES_PATH: ../../roles lint: name: ansible-lint enabled: true # fix in seperate PR diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index f8b8debf3..d74f3e66b 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -1,9 +1,11 @@ --- - name: Converge - hosts: all + hosts: wazuh_manager roles: - - {role: wazuh/ansible-wazuh-manager} - - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' + - role: wazuh/ansible-wazuh-manager + + + # - {role: wazuh/ansible-filebeat} #, filebeat_output_logstash_hosts: 'your elastic stack server IP' # Elasticsearch requires too much memory to test multiple containers concurrently - To Fix #- {role: elastic-stack/ansible-elasticsearch, elasticsearch_network_host: 'localhost'} #- {role: elastic-stack/ansible-logstash, logstash_input_beats: true, elasticsearch_network_host: 'localhost'} diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 5358b3bd8..2ef19d180 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,5 +1,21 @@ --- - name: Prepare hosts: all - gather_facts: false - tasks: [] + gather_facts: True + tasks: + + - name: "Install Python packages for Trusty to solve trust issues" + package: + name: + - python-setuptools + - python-pip + state: latest + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + + - name: "Install dependencies" + package: + name: + - curl + state: latest diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index 80b39c064..b550b0f8a 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -1,5 +1,6 @@ --- wazuh_manager_fqdn: "wazuh-server" +wazuh_manager_package_state: latest wazuh_manager_config: json_output: 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml index 70f7b506d..0fac45a1e 100644 --- a/roles/wazuh/ansible-wazuh-manager/handlers/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/handlers/main.yml @@ -13,3 +13,5 @@ name: wazuh-api state: restarted enabled: true + when: + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) diff --git a/roles/wazuh/ansible-wazuh-manager/meta/main.yml b/roles/wazuh/ansible-wazuh-manager/meta/main.yml index 69b6ebec6..1275d232c 100644 --- a/roles/wazuh/ansible-wazuh-manager/meta/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/meta/main.yml @@ -6,18 +6,18 @@ galaxy_info: license: license (GPLv3) min_ansible_version: 2.0 platforms: - - name: EL - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - - name: Fedora - versions: - - all - categories: - - monitoring + - name: EL + versions: + - all + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + - name: Fedora + versions: + - all + galaxy_tags: + - monitoring dependencies: [] diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 05b6a5a72..8123e4c9c 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -1,17 +1,30 @@ --- - name: Debian/Ubuntu | Install apt-transport-https and ca-certificates apt: - name: ['apt-transport-https', 'ca-certificates'] + name: + - apt-transport-https + - ca-certificates + - gnupg state: present cache_valid_time: 3600 - with_items: - - apt-transport-https - - ca-certificates - - urllib3 +- name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) + become: yes + shell: | + set -o pipefail + curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - + args: + warn: False + executable: /bin/bash + changed_when: False + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + when: + - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: @@ -19,8 +32,23 @@ state: present update_cache: yes +- name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) + become: yes + shell: | + set -o pipefail + curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - + args: + warn: False + executable: /bin/bash + changed_when: False + when: + - ansible_distribution == "Ubuntu" + - ansible_distribution_major_version | int == 14 + - name: Debian/Ubuntu | Installing NodeJS repository key apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key + when: + - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add NodeSource repositories for Node.js apt_repository: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index e603508aa..93118e831 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -3,7 +3,7 @@ yum_repository: name: NodeJS description: NodeJS-$releasever - baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ansible_distribution_major_version}}/x86_64 + baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL gpgcheck: yes when: @@ -19,9 +19,12 @@ when: ansible_distribution == 'Fedora' - name: AmazonLinux | Get Nodejs - shell: curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - + shell: | + set -o pipefail + curl --silent --location https://rpm.nodesource.com/setup_8.x | bash - args: warn: no + executable: /bin/bash when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" @@ -53,7 +56,10 @@ - ansible_distribution_major_version|int == 5 - name: RedHat/CentOS/Fedora | Install openscap - package: name=openscap-scanner state=present + package: name={{ item }} state=present + with_items: + - openscap-scanner + - openssl tags: - init when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") @@ -80,7 +86,7 @@ - wazuh_manager_config.cluster.disable != 'yes' - name: CentOS/RedHat 6 | Install python-cryptography module - shell: pip2.7 install cryptography + pip: name=cryptography state=present environment: PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" @@ -128,4 +134,11 @@ - name: Set Distribution CIS filename for RHEL7/CentOS-7 set_fact: cis_distribution_filename: cis_rhel7_linux_rcl.txt - when: (ansible_os_family == "RedHat" and ansible_distribution_major_version == '7') or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") + when: + - ansible_os_family == "RedHat" and ansible_distribution_major_version == '7' + +- name: Set Distribution CIS filename for RHEL7/CentOS-7 (Amazon) + set_fact: + cis_distribution_filename: cis_rhel7_linux_rcl.txt + when: + - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index f5c8ba3d3..5ccc40576 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -6,13 +6,13 @@ when: ansible_os_family == "Debian" - name: Install wazuh-manager, wazuh-api and expect - package: pkg={{ item }} state=latest + package: pkg={{ item }} state={{ wazuh_manager_package_state }} with_items: - wazuh-manager - wazuh-api - expect when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: - init @@ -22,21 +22,21 @@ regexp: 'echo -n "Starting Wazuh-manager: "' replace: 'echo -n "Starting Wazuh-manager (EL6): "; source /opt/rh/python27/enable; export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/var/ossec/framework/lib' when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int == 6 - wazuh_manager_config.cluster.disable != 'yes' - name: Install wazuh-manager and expect (EL5) - package: pkg={{ item }} state=latest + package: pkg={{ item }} state={{ wazuh_manager_package_state }} with_items: - wazuh-manager - expect when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 tags: - init - name: Generate SSL files for authd - command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{wazuh_manager_fqdn}}/" + command: "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:1825 -keyout sslmanager.key -out sslmanager.cert -subj /CN={{ wazuh_manager_fqdn }}/" args: creates: sslmanager.cert chdir: /var/ossec/etc/ @@ -71,7 +71,7 @@ - name: Ensure ossec-authd service is disabled service: name=ossec-authd enabled=no state=stopped - when: old_authd_service.stat.exists == True + when: old_authd_service.stat.exists tags: - config @@ -80,7 +80,7 @@ with_items: - "/etc/init.d/ossec-authd" - "/lib/systemd/system/ossec-authd.service" - when: old_authd_service.stat.exists == True + when: old_authd_service.stat.exists tags: - config @@ -180,7 +180,7 @@ - name: Retrieving Wazuh-API User Credentials include_vars: wazuh_api_creds.yml when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: - config @@ -198,9 +198,12 @@ - config - name: Check if client-syslog is enabled - shell: "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" + shell: | + set -o pipefail + "grep -c 'ossec-csyslogd' /var/ossec/bin/.process_list | xargs echo" args: removes: /var/ossec/bin/.process_list + executable: /bin/bash changed_when: False check_mode: no register: csyslog_enabled @@ -212,14 +215,17 @@ notify: restart wazuh-manager when: - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout - - syslog_output is defined and syslog_output == true + - syslog_output is defined and syslog_output tags: - config - name: Check if ossec-agentlessd is enabled - shell: "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" + shell: | + set -o pipefail + "grep -c 'ossec-agentlessd' /var/ossec/bin/.process_list | xargs echo" args: removes: /var/ossec/bin/.process_list + executable: /bin/bash changed_when: False check_mode: no register: agentlessd_enabled @@ -252,7 +258,7 @@ poll: 0 when: - wazuh_manager_config.vuls.disable != 'yes' - - ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle' + - ansible_distribution in ['Redhat', 'CentOS', 'Ubuntu', 'Debian', 'Oracle'] tags: - init @@ -293,7 +299,7 @@ notify: restart wazuh-api when: - wazuh_api_user is defined - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) tags: - config @@ -345,7 +351,7 @@ environment: LD_LIBRARY_PATH: "$LD_LIBRARY_PATH:/var/ossec/framework/lib" when: - - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 ) + - not (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 6) - name: Ensure Wazuh Manager is started and enabled (EL5) service: @@ -355,7 +361,7 @@ tags: - config when: - - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version|int < 6 + - ansible_distribution in ['CentOS', 'RedHat'] and ansible_distribution_major_version|int < 6 - import_tasks: "RMRedHat.yml" when: ansible_os_family == "RedHat" From dc8438401fb2e9737d05b53a3095e5c7b3906f10 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:09:36 +0200 Subject: [PATCH 2/9] Added where possible the wazuh-manager role idempotent. Have to disable this because of issue #107 --- molecule/default/molecule.yml | 14 ++++++++++++++ roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++-- .../wazuh/ansible-wazuh-manager/tasks/RMDebian.yml | 2 ++ .../wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml | 2 ++ roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 2 ++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 6 +++++- 6 files changed, 29 insertions(+), 3 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index e18bd1f9b..e8fa0c771 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -37,6 +37,20 @@ provisioner: enabled: true # fix in seperate PR scenario: name: default + test_sequence: + - lint + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + # - idempotence + - side_effect + - verify + - cleanup + - destroy verifier: name: testinfra lint: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 8123e4c9c..e9be63db1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -31,6 +31,7 @@ repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' state: present update_cache: yes + changed_when: False - name: Debian/Ubuntu | Installing NodeJS repository key (Ubuntu 14) become: yes @@ -55,6 +56,7 @@ repo: "deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main" state: present update_cache: yes + changed_when: False - name: Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu set_fact: @@ -101,7 +103,7 @@ shell: "dpkg-query --showformat='${Version}' --show libopenscap8" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version - changed_when: true + changed_when: False tags: - config @@ -109,6 +111,6 @@ shell: "dpkg --compare-versions '{{ openscap_version.stdout }}' '>=' '1.2'; echo $?" when: wazuh_manager_config.openscap.disable == 'no' register: openscap_version_valid - changed_when: true + changed_when: False tags: - config diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml index 1fb9b04d3..c0f1f797b 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMDebian.yml @@ -3,8 +3,10 @@ apt_repository: repo: deb https://packages.wazuh.com/apt {{ ansible_distribution_release }} main state: absent + changed_when: False - name: Debian/Ubuntu | Remove Nodejs repository. apt_repository: repo: deb https://deb.nodesource.com/node_6.x {{ ansible_distribution_release }} main state: absent + changed_when: False diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml index 6349dc6a1..2b30cf5c6 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RMRedHat.yml @@ -3,8 +3,10 @@ yum_repository: name: NodeJS state: absent + changed_when: False - name: RedHat/CentOS/Fedora | Remove Wazuh repository (and clean up left-over metadata) yum_repository: name: wazuh_repo state: absent + changed_when: False diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 93118e831..0bf5aca20 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -6,6 +6,7 @@ baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64 gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL gpgcheck: yes + changed_when: False when: - ansible_distribution_major_version|int > 5 @@ -42,6 +43,7 @@ baseurl: https://packages.wazuh.com/3.x/yum/ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH gpgcheck: yes + changed_when: False when: - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 5ccc40576..02c2a4408 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -329,12 +329,16 @@ group: ossec mode: 0640 no_log: true + register: wazuh_manager_cdb_lists + until: wazuh_manager_cdb_lists is succeeded notify: - rebuild cdb_lists - restart wazuh-manager with_items: - "{{ cdb_lists }}" - when: cdb_lists is defined + when: + - cdb_lists is defined + - cdb_lists is iterable tags: - config From 41f7be184ef4718e4c157703b73f3da8fa8c494b Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:16:54 +0200 Subject: [PATCH 3/9] Added retries for tasks that work with "3rd" party services --- .../wazuh/ansible-wazuh-manager/tasks/Debian.yml | 6 ++++++ .../wazuh/ansible-wazuh-manager/tasks/RedHat.yml | 15 +++++++++++++++ roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 4 ++++ 3 files changed, 25 insertions(+) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index e9be63db1..beb764b2f 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -6,6 +6,8 @@ - ca-certificates - gnupg state: present + register: wazuh_manager_https_packages_installed + until: wazuh_manager_https_packages_installed is succeeded cache_valid_time: 3600 - name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) @@ -84,6 +86,8 @@ name: oracle-java8-installer state: present cache_valid_time: 3600 + register: wazuh_manager_oracle_java_8_installed + until: wazuh_manager_oracle_java_8_installed is succeeded tags: - init @@ -92,6 +96,8 @@ name: "{{ item }}" state: present cache_valid_time: 3600 + register: wazuh_manager_openscap_installed + until: wazuh_manager_openscap_installed is succeeded when: wazuh_manager_config.openscap.disable == 'no' with_items: - libopenscap8 diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 0bf5aca20..3f498b67b 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -33,6 +33,8 @@ yum: name: nodejs state: present + register: wazuh_manager_amz_node_packages_installed + until: wazuh_manager_amz_node_packages_installed is succeeded when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" @@ -62,12 +64,16 @@ with_items: - openscap-scanner - openssl + register: wazuh_manager_openscp_packages_installed + until: wazuh_manager_openscp_packages_installed is succeeded tags: - init when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - name: CentOS 6 | Install Software Collections (SCL) Repository package: name=centos-release-scl state=present + register: wazuh_manager_scl_packages_installed + until: wazuh_manager_scl_packages_installed is succeeded when: - ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' @@ -83,12 +89,16 @@ - name: CentOS/RedHat 6 | Install Python 2.7 package: name=python27 state=present + register: wazuh_manager_python_package_installed + until: wazuh_manager_python_package_installed is succeeded when: - ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6' - wazuh_manager_config.cluster.disable != 'yes' - name: CentOS/RedHat 6 | Install python-cryptography module pip: name=cryptography state=present + register: wazuh_manager_cryptography_package_installed + until: wazuh_manager_cryptography_package_installed is succeeded environment: PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}" LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib" @@ -98,6 +108,8 @@ - name: RedHat/CentOS/Fedora | Install python-cryptography module package: name=python-cryptography state=present + register: wazuh_manager_cryptography_package_installed + until: wazuh_manager_cryptography_package_installed is succeeded when: - not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' ) - wazuh_manager_config.cluster.disable != 'yes' @@ -108,6 +120,7 @@ dest: /tmp/jre-8-linux-x64.rpm headers: 'Cookie:oraclelicense=accept-securebackup-cookie' register: oracle_java_task_rpm_download + until: oracle_java_task_rpm_download is succeeded when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' @@ -116,6 +129,8 @@ - name: RedHat/CentOS/Fedora | Install Oracle Java RPM package: name=/tmp/jre-8-linux-x64.rpm state=present + register: wazuh_manager_oracle_java_installed + until: wazuh_manager_oracle_java_installed is succeeded when: - wazuh_manager_config.cis_cat.disable == 'no' - wazuh_manager_config.cis_cat.install_java == 'yes' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 02c2a4408..9e538e096 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -11,6 +11,8 @@ - wazuh-manager - wazuh-api - expect + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded when: - not (ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6) tags: @@ -30,6 +32,8 @@ with_items: - wazuh-manager - expect + register: wazuh_manager_main_packages_installed + until: wazuh_manager_main_packages_installed is succeeded when: - ansible_distribution in ['CentOS','RedHat'] and ansible_distribution_major_version|int < 6 tags: From d20608b770b5d7f5e3404c95844d27d04ae29a68 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 19:19:50 +0200 Subject: [PATCH 4/9] Added retries for the prepare playbook --- molecule/default/prepare.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index 2ef19d180..ac7889557 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -10,6 +10,8 @@ - python-setuptools - python-pip state: latest + register: wazuh_manager_trusty_packages_installed + until: wazuh_manager_trusty_packages_installed is succeeded when: - ansible_distribution == "Ubuntu" - ansible_distribution_major_version | int == 14 @@ -19,3 +21,5 @@ name: - curl state: latest + register: wazuh_manager_dependencies_packages_installed + until: wazuh_manager_dependencies_packages_installed is succeeded From fa7a5e6b91552bf372d2b0ca1a9d22583c13e244 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:36:31 +0200 Subject: [PATCH 5/9] Added some tests with Testinfra --- molecule/default/molecule.yml | 14 +--- molecule/default/playbook.yml | 2 +- molecule/default/tests/test_default.py | 68 +++++++++++++++---- .../ansible-wazuh-manager/tasks/Debian.yml | 4 +- 4 files changed, 59 insertions(+), 29 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index e8fa0c771..785a525ca 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -9,25 +9,17 @@ lint: platforms: - name: wazuh_manager_bionic image: ubuntu:bionic - groups: - - wazuh_manager - name: wazuh_manager_xenial - image: ubuntu:xenial - groups: - - wazuh_manager + image: solita/ubuntu-systemd:xenial + privileged: True + command: /sbin/init - name: wazuh_manager_trusty image: ubuntu:trusty - groups: - - wazuh_manager - name: wazuh_manager_centos6 image: centos:6 - groups: - - wazuh_manager - name: wazuh_manager_centos7 image: milcom/centos7-systemd privileged: True - groups: - - wazuh_manager provisioner: name: ansible env: diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml index d74f3e66b..a1865ee8e 100644 --- a/molecule/default/playbook.yml +++ b/molecule/default/playbook.yml @@ -1,6 +1,6 @@ --- - name: Converge - hosts: wazuh_manager + hosts: all roles: - role: wazuh/ansible-wazuh-manager diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index c47becebf..0ae01a925 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -1,4 +1,5 @@ import os +import pytest import testinfra.utils.ansible_runner @@ -6,25 +7,62 @@ os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') -def test_hosts_file(host): - f = host.file('/etc/hosts') +def get_wazuh_version(): + """This return the version of Wazuh.""" + return "3.8" - assert f.exists - assert f.user == 'root' - assert f.group == 'root' +def test_wazuh_packages_are_installed(host): + """Test if the main packages are installed.""" + manager = host.package("wazuh-manager") + api = host.package("wazuh-api") -def test_filebeat_is_installed(host): - package = host.package("filebeat") - assert package.is_installed - assert package.version.startswith("6") + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + if host.system_info.release == "7": + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + assert api.is_installed + assert api.version.startswith(get_wazuh_version()) + elif host.system_info.release.startswith("6"): + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) + elif distribution == 'ubuntu': + assert manager.is_installed + assert manager.version.startswith(get_wazuh_version()) -def test_filebeat_service_enabled(host): - service = host.service('filebeat') - assert service.is_enabled +def test_wazuh_services_are_running(host): + """Test if the services are enabled and running. + When assert commands are commented, this means that the service command has a + wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + """ + manager = host.service("wazuh-manager") + api = host.service("wazuh-api") -def test_filebeat_config_file_present(host): - config_file = host.file('/etc/filebeat/filebeat.yml') - assert config_file.is_file + distribution = host.system_info.distribution.lower() + if distribution == 'centos': + # assert manager.is_running + assert manager.is_enabled + # assert not api.is_running + assert not api.is_enabled + elif distribution == 'ubuntu': + # assert manager.is_running + assert manager.is_enabled + # assert api.is_running + assert api.is_enabled + +@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ + ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), + ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), + ("/var/ossec/etc/rules/local_rules.xml", "root", "ossec", 0o640), + ("/var/ossec/etc/lists/audit-keys", "root", "ossec", 0o640), +]) +def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): + """Test if Wazuh related files exist and have proper owners and mode.""" + wazuh_file_host = host.file(wazuh_file) + + assert wazuh_file_host.user == wazuh_owner + assert wazuh_file_host.group == wazuh_group + assert wazuh_file_host.mode == wazuh_mode diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index beb764b2f..3fc54e841 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -6,9 +6,9 @@ - ca-certificates - gnupg state: present - register: wazuh_manager_https_packages_installed - until: wazuh_manager_https_packages_installed is succeeded cache_valid_time: 3600 + register: wazuh_manager_https_packages_installed + until: wazuh_manager_https_packages_installed is succeeded - name: Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14) become: yes From ad256682b08f82badfb6bb84a73dfdd0bad302a9 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:38:50 +0200 Subject: [PATCH 6/9] Rename the platforms --- molecule/default/molecule.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 785a525ca..cb20e33fd 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -7,17 +7,17 @@ lint: name: yamllint enabled: false # fix in seperate PR platforms: - - name: wazuh_manager_bionic + - name: bionic image: ubuntu:bionic - - name: wazuh_manager_xenial + - name: xenial image: solita/ubuntu-systemd:xenial privileged: True command: /sbin/init - - name: wazuh_manager_trusty + - name: trusty image: ubuntu:trusty - - name: wazuh_manager_centos6 + - name: centos6 image: centos:6 - - name: wazuh_manager_centos7 + - name: centos7 image: milcom/centos7-systemd privileged: True provisioner: From 25dc5ddd930d5ab08478c8f8b85e05aea7abcffd Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Tue, 16 Apr 2019 20:57:58 +0200 Subject: [PATCH 7/9] Fixed lint issue on tests --- molecule/default/tests/test_default.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index 0ae01a925..f2ee6eada 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -35,8 +35,8 @@ def test_wazuh_packages_are_installed(host): def test_wazuh_services_are_running(host): """Test if the services are enabled and running. - When assert commands are commented, this means that the service command has a - wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 + When assert commands are commented, this means that the service command has + a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107 """ manager = host.service("wazuh-manager") api = host.service("wazuh-api") @@ -53,6 +53,7 @@ def test_wazuh_services_are_running(host): # assert api.is_running assert api.is_enabled + @pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [ ("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640), ("/var/ossec/etc/sslmanager.key", "root", "root", 0o640), From 509f87aa708192d5a6df13efa18333ae41628fdd Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Wed, 17 Apr 2019 19:05:17 +0200 Subject: [PATCH 8/9] Updated versions of the required modules like Molecule --- Pipfile.lock | 372 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 216 insertions(+), 156 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index f555b0144..1df7c8478 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -18,16 +18,17 @@ "default": { "ansible": { "hashes": [ - "sha256:040cc936f959b947800ffaa5f940d2508aaa41f899efe56b47a7442c89689150" + "sha256:84a42d1e371c4222c82e575cb6961fafd3afe920d84e4b6d87affabe400be294" ], "index": "pypi", - "version": "==2.7.7" + "version": "==2.7.10" }, "ansible-lint": { "hashes": [ - "sha256:7686dad54aab9281562a5788415af1488b9af8a5acc99c042ecb9959b6ab7a57" + "sha256:9430ea6e654ba4bf5b9c6921efc040f46cda9c4fd2896a99ff71d21037bcb123", + "sha256:c1b442b01091eca13ef11d98c3376e9489ba5b69a8467828ca86044f384bc0a1" ], - "version": "==3.4.23" + "version": "==4.1.0" }, "anyconfig": { "hashes": [ @@ -37,9 +38,10 @@ }, "arrow": { "hashes": [ - "sha256:9cb4a910256ed536751cd5728673bfb53e6f0026e240466f90c2a92c0b79c895" + "sha256:3397e5448952e18e1295bf047014659effa5ae8da6a5371d37ff0ddc46fa6872", + "sha256:6f54d9f016c0b7811fac9fb8c2c7fa7421d80c54dbdd75ffb12913c55db60b8a" ], - "version": "==0.13.0" + "version": "==0.13.1" }, "asn1crypto": { "hashes": [ @@ -57,16 +59,17 @@ }, "attrs": { "hashes": [ - "sha256:10cbf6e27dbce8c30807caf056c8eb50917e0eaafe86347671b57254006c3e69", - "sha256:ca4be454458f9dec299268d472aaa5a11f67a4ff70093396e1ceae9c76cf4bbb" + "sha256:69c0dbf2ed392de1cb5ec704444b08a5ef81680a61cb899dc08127123af36a79", + "sha256:f0b870f674851ecbfbbbd364d6b5cbdff9dcedbc7f3f5e18a6891057f21fe399" ], - "version": "==18.2.0" + "version": "==19.1.0" }, "backports.functools-lru-cache": { "hashes": [ "sha256:9d98697f088eb1b0fa451391f91afb5e3ebde16bbdb272819fd091151fda4f1a", "sha256:f0b0e4eba956de51238e17573b7087e852dfe9854afd2e9c873f73fc0ca0a6dd" ], + "markers": "python_version == '2.7'", "version": "==1.5" }, "backports.ssl-match-hostname": { @@ -115,47 +118,43 @@ }, "certifi": { "hashes": [ - "sha256:47f9c83ef4c0c621eaef743f133f09fa8a74a9b75f037e8624f83bd1b6626cb7", - "sha256:993f830721089fef441cdfeb4b2c8c9df86f0c63239f06bd025a76a7daddb033" + "sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5", + "sha256:b26104d6835d1f5e49452a26eb2ff87fe7090b89dfcaee5ea2212697e1e1d7ae" ], - "version": "==2018.11.29" + "version": "==2019.3.9" }, "cffi": { "hashes": [ - "sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743", - "sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef", - "sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50", - "sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f", - "sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30", - "sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93", - "sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257", - "sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b", - "sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3", - "sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e", - "sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc", - "sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04", - "sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6", - "sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359", - "sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596", - "sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b", - "sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd", - "sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95", - "sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5", - "sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e", - "sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6", - "sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca", - "sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31", - "sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1", - "sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2", - "sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085", - "sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801", - "sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4", - "sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184", - "sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917", - "sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f", - "sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb" - ], - "version": "==1.11.5" + "sha256:00b97afa72c233495560a0793cdc86c2571721b4271c0667addc83c417f3d90f", + "sha256:0ba1b0c90f2124459f6966a10c03794082a2f3985cd699d7d63c4a8dae113e11", + "sha256:0bffb69da295a4fc3349f2ec7cbe16b8ba057b0a593a92cbe8396e535244ee9d", + "sha256:21469a2b1082088d11ccd79dd84157ba42d940064abbfa59cf5f024c19cf4891", + "sha256:2e4812f7fa984bf1ab253a40f1f4391b604f7fc424a3e21f7de542a7f8f7aedf", + "sha256:2eac2cdd07b9049dd4e68449b90d3ef1adc7c759463af5beb53a84f1db62e36c", + "sha256:2f9089979d7456c74d21303c7851f158833d48fb265876923edcb2d0194104ed", + "sha256:3dd13feff00bddb0bd2d650cdb7338f815c1789a91a6f68fdc00e5c5ed40329b", + "sha256:4065c32b52f4b142f417af6f33a5024edc1336aa845b9d5a8d86071f6fcaac5a", + "sha256:51a4ba1256e9003a3acf508e3b4f4661bebd015b8180cc31849da222426ef585", + "sha256:59888faac06403767c0cf8cfb3f4a777b2939b1fbd9f729299b5384f097f05ea", + "sha256:59c87886640574d8b14910840327f5cd15954e26ed0bbd4e7cef95fa5aef218f", + "sha256:610fc7d6db6c56a244c2701575f6851461753c60f73f2de89c79bbf1cc807f33", + "sha256:70aeadeecb281ea901bf4230c6222af0248c41044d6f57401a614ea59d96d145", + "sha256:71e1296d5e66c59cd2c0f2d72dc476d42afe02aeddc833d8e05630a0551dad7a", + "sha256:8fc7a49b440ea752cfdf1d51a586fd08d395ff7a5d555dc69e84b1939f7ddee3", + "sha256:9b5c2afd2d6e3771d516045a6cfa11a8da9a60e3d128746a7fe9ab36dfe7221f", + "sha256:9c759051ebcb244d9d55ee791259ddd158188d15adee3c152502d3b69005e6bd", + "sha256:b4d1011fec5ec12aa7cc10c05a2f2f12dfa0adfe958e56ae38dc140614035804", + "sha256:b4f1d6332339ecc61275bebd1f7b674098a66fea11a00c84d1c58851e618dc0d", + "sha256:c030cda3dc8e62b814831faa4eb93dd9a46498af8cd1d5c178c2de856972fd92", + "sha256:c2e1f2012e56d61390c0e668c20c4fb0ae667c44d6f6a2eeea5d7148dcd3df9f", + "sha256:c37c77d6562074452120fc6c02ad86ec928f5710fbc435a181d69334b4de1d84", + "sha256:c8149780c60f8fd02752d0429246088c6c04e234b895c4a42e1ea9b4de8d27fb", + "sha256:cbeeef1dc3c4299bd746b774f019de9e4672f7cc666c777cd5b409f0b746dac7", + "sha256:e113878a446c6228669144ae8a56e268c91b7f1fafae927adc4879d9849e0ea7", + "sha256:e21162bf941b85c0cda08224dade5def9360f53b09f9f259adb85fc7dd0e7b35", + "sha256:fb6934ef4744becbda3143d30c6604718871495a5e36c408431bf33d9c146889" + ], + "version": "==1.12.2" }, "chardet": { "hashes": [ @@ -186,12 +185,11 @@ }, "configparser": { "hashes": [ - "sha256:5bd5fa2a491dc3cfe920a3f2a107510d65eceae10e9c6e547b90261a4710df32", - "sha256:c114ff90ee2e762db972fa205f02491b1f5cf3ff950decd8542c62970c9bedac", - "sha256:df28e045fbff307a28795b18df6ac8662be3219435560ddb068c283afab1ea7a" + "sha256:8be81d89d6e7b4c0d4e44bcc525845f6da25821de80cb5e06e7e0238a2899e32", + "sha256:da60d0014fd8c55eb48c1c5354352e363e2d30bbf7057e5e171a468390184c75" ], "markers": "python_version < '3.2'", - "version": "==3.7.1" + "version": "==3.7.4" }, "cookiecutter": { "hashes": [ @@ -202,27 +200,27 @@ }, "cryptography": { "hashes": [ - "sha256:05b3ded5e88747d28ee3ef493f2b92cbb947c1e45cf98cfef22e6d38bb67d4af", - "sha256:06826e7f72d1770e186e9c90e76b4f84d90cdb917b47ff88d8dc59a7b10e2b1e", - "sha256:08b753df3672b7066e74376f42ce8fc4683e4fd1358d34c80f502e939ee944d2", - "sha256:2cd29bd1911782baaee890544c653bb03ec7d95ebeb144d714b0f5c33deb55c7", - "sha256:31e5637e9036d966824edaa91bf0aa39dc6f525a1c599f39fd5c50340264e079", - "sha256:42fad67d7072216a49e34f923d8cbda9edacbf6633b19a79655e88a1b4857063", - "sha256:4946b67235b9d2ea7d31307be9d5ad5959d6c4a8f98f900157b47abddf698401", - "sha256:522fdb2809603ee97a4d0ef2f8d617bc791eb483313ba307cb9c0a773e5e5695", - "sha256:6f841c7272645dd7c65b07b7108adfa8af0aaea57f27b7f59e01d41f75444c85", - "sha256:7d335e35306af5b9bc0560ca39f740dfc8def72749645e193dd35be11fb323b3", - "sha256:8504661ffe324837f5c4607347eeee4cf0fcad689163c6e9c8d3b18cf1f4a4ad", - "sha256:9260b201ce584d7825d900c88700aa0bd6b40d4ebac7b213857bd2babee9dbca", - "sha256:9a30384cc402eac099210ab9b8801b2ae21e591831253883decdb4513b77a3cd", - "sha256:9e29af877c29338f0cab5f049ccc8bd3ead289a557f144376c4fbc7d1b98914f", - "sha256:ab50da871bc109b2d9389259aac269dd1b7c7413ee02d06fe4e486ed26882159", - "sha256:b13c80b877e73bcb6f012813c6f4a9334fcf4b0e96681c5a15dac578f2eedfa0", - "sha256:bfe66b577a7118e05b04141f0f1ed0959552d45672aa7ecb3d91e319d846001e", - "sha256:e091bd424567efa4b9d94287a952597c05d22155a13716bf5f9f746b9dc906d3", - "sha256:fa2b38c8519c5a3aa6e2b4e1cf1a549b54acda6adb25397ff542068e73d1ed00" - ], - "version": "==2.5" + "sha256:066f815f1fe46020877c5983a7e747ae140f517f1b09030ec098503575265ce1", + "sha256:210210d9df0afba9e000636e97810117dc55b7157c903a55716bb73e3ae07705", + "sha256:26c821cbeb683facb966045e2064303029d572a87ee69ca5a1bf54bf55f93ca6", + "sha256:2afb83308dc5c5255149ff7d3fb9964f7c9ee3d59b603ec18ccf5b0a8852e2b1", + "sha256:2db34e5c45988f36f7a08a7ab2b69638994a8923853dec2d4af121f689c66dc8", + "sha256:409c4653e0f719fa78febcb71ac417076ae5e20160aec7270c91d009837b9151", + "sha256:45a4f4cf4f4e6a55c8128f8b76b4c057027b27d4c67e3fe157fa02f27e37830d", + "sha256:48eab46ef38faf1031e58dfcc9c3e71756a1108f4c9c966150b605d4a1a7f659", + "sha256:6b9e0ae298ab20d371fc26e2129fd683cfc0cfde4d157c6341722de645146537", + "sha256:6c4778afe50f413707f604828c1ad1ff81fadf6c110cb669579dea7e2e98a75e", + "sha256:8c33fb99025d353c9520141f8bc989c2134a1f76bac6369cea060812f5b5c2bb", + "sha256:9873a1760a274b620a135054b756f9f218fa61ca030e42df31b409f0fb738b6c", + "sha256:9b069768c627f3f5623b1cbd3248c5e7e92aec62f4c98827059eed7053138cc9", + "sha256:9e4ce27a507e4886efbd3c32d120db5089b906979a4debf1d5939ec01b9dd6c5", + "sha256:acb424eaca214cb08735f1a744eceb97d014de6530c1ea23beb86d9c6f13c2ad", + "sha256:c8181c7d77388fe26ab8418bb088b1a1ef5fde058c6926790c8a0a3d94075a4a", + "sha256:d4afbb0840f489b60f5a580a41a1b9c3622e08ecb5eec8614d4fb4cd914c4460", + "sha256:d9ed28030797c00f4bc43c86bf819266c76a5ea61d006cd4078a93ebf7da6bfd", + "sha256:e603aa7bb52e4e8ed4119a58a03b60323918467ef209e6ff9db3ac382e5cf2c6" + ], + "version": "==2.6.1" }, "docker-py": { "hashes": [ @@ -239,6 +237,13 @@ ], "version": "==0.4.0" }, + "entrypoints": { + "hashes": [ + "sha256:589f874b313739ad35be6e0cd7efde2a4e9b6fea91edcc34e58ecbb8dbe56d19", + "sha256:c70dd71abe5a8c85e55e12c19bd91ccfeec11a6e99044204511f9ed547d48451" + ], + "version": "==0.3" + }, "enum34": { "hashes": [ "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", @@ -258,10 +263,10 @@ }, "flake8": { "hashes": [ - "sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0", - "sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37" + "sha256:859996073f341f2670741b51ec1e67a01da142831aa1fdc6242dbf88dffbe661", + "sha256:a796a115208f5c03b18f332f7c11729812c8c3ded6c46319c59b53efd3819da8" ], - "version": "==3.5.0" + "version": "==3.7.7" }, "funcsigs": { "hashes": [ @@ -271,6 +276,14 @@ "markers": "python_version < '3.0'", "version": "==1.0.2" }, + "functools32": { + "hashes": [ + "sha256:89d824aa6c358c421a234d7f9ee0bd75933a67c29588ce50aaa3acdf4d403fa0", + "sha256:f6253dfbe0538ad2e387bd8fdfd9293c925d63553f5813c4e587745416501e6d" + ], + "markers": "python_version < '3.2'", + "version": "==3.2.3.post2" + }, "future": { "hashes": [ "sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8" @@ -279,25 +292,25 @@ }, "git-url-parse": { "hashes": [ - "sha256:0ae889a7fd7718c6409c3da5c8166efc2e41ea135c9667f2d762e76f39fc84bc", - "sha256:5817358173e9c41200da5750ca5cf9d1d3283d93d804f7e55613c1277e188060", - "sha256:8ed5a1ed3b19f9536a2f341882226beda359bc91f8b1ce3459ab9026afb637df" + "sha256:4655ee22f1d8bf7a1eb1066c1da16529b186966c6d8331f7f55686a76a9f7aef", + "sha256:7b5f4e3aeb1d693afeee67a3bd4ac063f7206c2e8e46e559f0da0da98445f117", + "sha256:9353ff40d69488ff2299b27f40e0350ad87bd5348ea6ea09a1895eda9e5733de" ], - "version": "==1.2.0" + "version": "==1.2.2" }, "idna": { "hashes": [ - "sha256:c357b3f628cf53ae2c4c05627ecc484553142ca23264e593d327bcde5e9c3407", - "sha256:ea8b7f6188e6fa117537c3df7da9fc686d485087abf6ac197f9c46432f7e4a3c" + "sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e", + "sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16" ], - "version": "==2.8" + "version": "==2.7" }, "ipaddress": { "hashes": [ "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" ], - "markers": "python_version < '3.3'", + "markers": "python_version < '3'", "version": "==1.0.22" }, "jinja2": { @@ -316,36 +329,36 @@ }, "markupsafe": { "hashes": [ - "sha256:048ef924c1623740e70204aa7143ec592504045ae4429b59c30054cb31e3c432", - "sha256:130f844e7f5bdd8e9f3f42e7102ef1d49b2e6fdf0d7526df3f87281a532d8c8b", - "sha256:19f637c2ac5ae9da8bfd98cef74d64b7e1bb8a63038a3505cd182c3fac5eb4d9", - "sha256:1b8a7a87ad1b92bd887568ce54b23565f3fd7018c4180136e1cf412b405a47af", - "sha256:1c25694ca680b6919de53a4bb3bdd0602beafc63ff001fea2f2fc16ec3a11834", - "sha256:1f19ef5d3908110e1e891deefb5586aae1b49a7440db952454b4e281b41620cd", - "sha256:1fa6058938190ebe8290e5cae6c351e14e7bb44505c4a7624555ce57fbbeba0d", - "sha256:31cbb1359e8c25f9f48e156e59e2eaad51cd5242c05ed18a8de6dbe85184e4b7", - "sha256:3e835d8841ae7863f64e40e19477f7eb398674da6a47f09871673742531e6f4b", - "sha256:4e97332c9ce444b0c2c38dd22ddc61c743eb208d916e4265a2a3b575bdccb1d3", - "sha256:525396ee324ee2da82919f2ee9c9e73b012f23e7640131dd1b53a90206a0f09c", - "sha256:52b07fbc32032c21ad4ab060fec137b76eb804c4b9a1c7c7dc562549306afad2", - "sha256:52ccb45e77a1085ec5461cde794e1aa037df79f473cbc69b974e73940655c8d7", - "sha256:5c3fbebd7de20ce93103cb3183b47671f2885307df4a17a0ad56a1dd51273d36", - "sha256:5e5851969aea17660e55f6a3be00037a25b96a9b44d2083651812c99d53b14d1", - "sha256:5edfa27b2d3eefa2210fb2f5d539fbed81722b49f083b2c6566455eb7422fd7e", - "sha256:7d263e5770efddf465a9e31b78362d84d015cc894ca2c131901a4445eaa61ee1", - "sha256:83381342bfc22b3c8c06f2dd93a505413888694302de25add756254beee8449c", - "sha256:857eebb2c1dc60e4219ec8e98dfa19553dae33608237e107db9c6078b1167856", - "sha256:98e439297f78fca3a6169fd330fbe88d78b3bb72f967ad9961bcac0d7fdd1550", - "sha256:bf54103892a83c64db58125b3f2a43df6d2cb2d28889f14c78519394feb41492", - "sha256:d9ac82be533394d341b41d78aca7ed0e0f4ba5a2231602e2f05aa87f25c51672", - "sha256:e982fe07ede9fada6ff6705af70514a52beb1b2c3d25d4e873e82114cf3c5401", - "sha256:edce2ea7f3dfc981c4ddc97add8a61381d9642dc3273737e756517cc03e84dd6", - "sha256:efdc45ef1afc238db84cb4963aa689c0408912a0239b0721cb172b4016eb31d6", - "sha256:f137c02498f8b935892d5c0172560d7ab54bc45039de8805075e19079c639a9c", - "sha256:f82e347a72f955b7017a39708a3667f106e6ad4d10b25f237396a7115d8ed5fd", - "sha256:fb7c206e01ad85ce57feeaaa0bf784b97fa3cad0d4a5737bc5295785f5c613a1" - ], - "version": "==1.1.0" + "sha256:00bc623926325b26bb9605ae9eae8a215691f33cae5df11ca5424f06f2d1f473", + "sha256:09027a7803a62ca78792ad89403b1b7a73a01c8cb65909cd876f7fcebd79b161", + "sha256:09c4b7f37d6c648cb13f9230d847adf22f8171b1ccc4d5682398e77f40309235", + "sha256:1027c282dad077d0bae18be6794e6b6b8c91d58ed8a8d89a89d59693b9131db5", + "sha256:24982cc2533820871eba85ba648cd53d8623687ff11cbb805be4ff7b4c971aff", + "sha256:29872e92839765e546828bb7754a68c418d927cd064fd4708fab9fe9c8bb116b", + "sha256:43a55c2930bbc139570ac2452adf3d70cdbb3cfe5912c71cdce1c2c6bbd9c5d1", + "sha256:46c99d2de99945ec5cb54f23c8cd5689f6d7177305ebff350a58ce5f8de1669e", + "sha256:500d4957e52ddc3351cabf489e79c91c17f6e0899158447047588650b5e69183", + "sha256:535f6fc4d397c1563d08b88e485c3496cf5784e927af890fb3c3aac7f933ec66", + "sha256:62fe6c95e3ec8a7fad637b7f3d372c15ec1caa01ab47926cfdf7a75b40e0eac1", + "sha256:6dd73240d2af64df90aa7c4e7481e23825ea70af4b4922f8ede5b9e35f78a3b1", + "sha256:717ba8fe3ae9cc0006d7c451f0bb265ee07739daf76355d06366154ee68d221e", + "sha256:79855e1c5b8da654cf486b830bd42c06e8780cea587384cf6545b7d9ac013a0b", + "sha256:7c1699dfe0cf8ff607dbdcc1e9b9af1755371f92a68f706051cc8c37d447c905", + "sha256:88e5fcfb52ee7b911e8bb6d6aa2fd21fbecc674eadd44118a9cc3863f938e735", + "sha256:8defac2f2ccd6805ebf65f5eeb132adcf2ab57aa11fdf4c0dd5169a004710e7d", + "sha256:98c7086708b163d425c67c7a91bad6e466bb99d797aa64f965e9d25c12111a5e", + "sha256:9add70b36c5666a2ed02b43b335fe19002ee5235efd4b8a89bfcf9005bebac0d", + "sha256:9bf40443012702a1d2070043cb6291650a0841ece432556f784f004937f0f32c", + "sha256:ade5e387d2ad0d7ebf59146cc00c8044acbd863725f887353a10df825fc8ae21", + "sha256:b00c1de48212e4cc9603895652c5c410df699856a2853135b3967591e4beebc2", + "sha256:b1282f8c00509d99fef04d8ba936b156d419be841854fe901d8ae224c59f0be5", + "sha256:b2051432115498d3562c084a49bba65d97cf251f5a331c64a12ee7e04dacc51b", + "sha256:ba59edeaa2fc6114428f1637ffff42da1e311e29382d81b339c1817d37ec93c6", + "sha256:c8716a48d94b06bb3b2524c2b77e055fb313aeb4ea620c8dd03a105574ba704f", + "sha256:cd5df75523866410809ca100dc9681e301e3c27567cf498077e8551b6d20e42f", + "sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7" + ], + "version": "==1.1.1" }, "mccabe": { "hashes": [ @@ -356,12 +369,11 @@ }, "molecule": { "hashes": [ - "sha256:23b1b30b37998f0eb747dc06a602df59157fe78d3f6a9882dea9271d8d37cdee", - "sha256:59734fa4487e1d4b9be6f5a3c1192ac76445670bc44ee172f23ac122d90412e3", - "sha256:9be671194019476dae73970ff92946595e7a2b7cc9c10afb0395a020b9f0fcde" + "sha256:0e9ef6845cdf2a01f6c386445e4e54add3f515a033ee16b7b658e6122c8f0d76", + "sha256:621797c54299775f284bbb010d5bb9be485500eecaaa14a476cbc0df285d0da7" ], "index": "pypi", - "version": "==2.19.0" + "version": "==2.20.1" }, "monotonic": { "hashes": [ @@ -376,6 +388,7 @@ "sha256:c0a5785b1109a6bd7fac76d6837fd1feca158e54e521ccd2ae8bfe393cc9d4fc", "sha256:fe7a7cae1ccb57d33952113ff4fa1bc5f879963600ed74918f1236e212ee50b9" ], + "markers": "python_version <= '2.7'", "version": "==5.0.0" }, "paramiko": { @@ -401,10 +414,10 @@ }, "pbr": { "hashes": [ - "sha256:4f2b11d95917af76e936811be8361b2b19616e5ef3b55956a429ec7864378e0c", - "sha256:e0f23b61ec42473723b2fec2f33fb12558ff221ee551962f01dd4de9053c2055" + "sha256:f59d71442f9ece3dffc17bc36575768e1ee9967756e6b6535f0ee1f0054c3d68", + "sha256:f6d5b23f226a2ba58e14e49aa3b1bfaf814d0199144b95d78458212444de1387" ], - "version": "==4.1.0" + "version": "==5.1.1" }, "pexpect": { "hashes": [ @@ -415,10 +428,10 @@ }, "pluggy": { "hashes": [ - "sha256:8ddc32f03971bfdf900a81961a48ccf2fb677cf7715108f85295c67405798616", - "sha256:980710797ff6a041e9a73a5787804f848996ecaa6f8a1b1e08224a5894f2074a" + "sha256:19ecf9ce9db2fce065a7a0586e07cfb4ac8614fe96edf628a264b1c70116cf8f", + "sha256:84d306a647cc805219916e62aab89caa97a33a1dd8c342e87a37f91073cd4746" ], - "version": "==0.8.1" + "version": "==0.9.0" }, "poyo": { "hashes": [ @@ -441,7 +454,6 @@ "sha256:a9b85b335b40a528a8e2a6b549592138de8429c6296e7361892958956e6a73cf", "sha256:dc85fad15ef98103ecc047a0d81b55bbf5fe1b03313b96e883acc2e2fa87ed5c" ], - "markers": "sys_platform != 'win32' and sys_platform != 'cygwin'", "version": "==5.4.6" }, "ptyprocess": { @@ -453,10 +465,10 @@ }, "py": { "hashes": [ - "sha256:bf92637198836372b520efcba9e020c330123be8ce527e535d185ed4b6f45694", - "sha256:e76826342cefe3c3d5f7e8ee4316b80d1dd8a300781612ddbc765c17ba25a6c6" + "sha256:64f65755aee5b381cea27766a3a147c3f15b9b6b9ac88676de66ba2ae36793fa", + "sha256:dc639b046a6e2cff5bbe40194ad65936d6ba360b52b3c3fe1d08a82dd50b5e53" ], - "version": "==1.7.0" + "version": "==1.8.0" }, "pyasn1": { "hashes": [ @@ -467,10 +479,10 @@ }, "pycodestyle": { "hashes": [ - "sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766", - "sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9" + "sha256:95a2219d12372f05704562a14ec30bc76b05a5b297b21a5dfe3f6fac3491ae56", + "sha256:e40a936c9a450ad81df37f549d676d127b1b66000a6c500caa2b085bc0ca976c" ], - "version": "==2.3.1" + "version": "==2.5.0" }, "pycparser": { "hashes": [ @@ -480,10 +492,10 @@ }, "pyflakes": { "hashes": [ - "sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f", - "sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805" + "sha256:17dbeb2e3f4d772725c777fabc446d5634d1038f234e77343108ce445ea69ce0", + "sha256:d976835886f8c5b31d47970ed689944a0262b5f3afa00a5a7b4dc81e5449f8a2" ], - "version": "==1.6.0" + "version": "==2.1.1" }, "pynacl": { "hashes": [ @@ -511,10 +523,10 @@ }, "pytest": { "hashes": [ - "sha256:65aeaa77ae87c7fc95de56285282546cfa9c886dc8e5dc78313db1c25e21bc07", - "sha256:6ac6d467d9f053e95aaacd79f831dbecfe730f419c6c7022cb316b365cd9199d" + "sha256:3773f4c235918987d51daf1db66d51c99fac654c81d6f2f709a046ab446d5e5d", + "sha256:b7802283b70ca24d7119b32915efa7c409982f59913c1a6c0640aacf118b95f5" ], - "version": "==4.2.0" + "version": "==4.4.1" }, "python-dateutil": { "hashes": [ @@ -554,22 +566,61 @@ ], "version": "==2.21.0" }, + "ruamel.ordereddict": { + "hashes": [ + "sha256:08b4b19fe518d32251a5338e039c4dc9eb0876f2919f94c9b8d2f9446ea80806", + "sha256:150ce8e6c514a2a2b62753622a75874962561f8e5eeec81a3172ab952807bf0b", + "sha256:45541836cbfdde630033cae7bbbe35acbac87a0ceec79f944b7a3bedd940fe78", + "sha256:854dd4a524811b16111b1107d8a751e4ca064d2bb103d3d91deab75de36b6620", + "sha256:aee2fa23e884249b4284b728888c553d551e5bfd4de2731f10153fd7813ec55f", + "sha256:bf0a198c8ce5d973c24e5dba12d3abc254996788ca6ad8448eabc6aa710db149" + ], + "markers": "platform_python_implementation == 'CPython' and python_version <= '2.7'", + "version": "==0.4.13" + }, + "ruamel.yaml": { + "hashes": [ + "sha256:09ed5b07bfd09592dd265dc0f645b3e96e6c69de59ac1cd5b6dbcb8a243a28ee", + "sha256:10c194ef72f7419dd2fde7b35746c1e4bdaf80911e07c33eff3aedc1a89d574a", + "sha256:10e49c1b9ba35a9682fb3afffe52c2a1383e442bf05938dd87d30db252ce2e0b", + "sha256:1ca24a5ce2d2e61e6c504cbbbb24ece78127c79af87e8fe3175bb58c048f986d", + "sha256:272ade6dd5c27fdf2b917a497ee2bad1b11f41ad6f3f646a16a21b3ad78c2626", + "sha256:4be750a41289528e446d075b048e8cd06ea6a6779c2ef77f7b87ad3c567117d7", + "sha256:4d5c331e8a0e4423535e9dfecc6ea8f0ec4360b524b103f46432021cb9698d2e", + "sha256:69af34d4034659774e45d9f077e6f930d2c41c38ac721d5e7cb88b7629be446d", + "sha256:70229ffbd67a5171fc6aef24c32caa65042834bf6e8d0b3116d4046920a20be9", + "sha256:70a88e6ae131789e2fbe3816450a10c057b21ae93c875f717435fe2cea5fdcf3", + "sha256:89609fd5696cc82265877cdde3505242ebd2b262fb87a86e46d370fad5ff4111", + "sha256:92ff5ed79f5a98e3a57c741d238afa2846f2cae87d6385eebb93d0dcd6caf5b4", + "sha256:9f1323e7f6d25c8fba5fee5809a22f31805976978c7316a7d08ecdda0c22d6f0", + "sha256:af76d3350062124d8488b31c8dff9664a6a4934a71efb8af35d5c346632a765c", + "sha256:bf6931ac24676189ce061485a42e4ad36d158672dfde2bf7ba953b0edc8ee40b", + "sha256:c6d05e38a141922eca7902135e7a40b605763d6da8ec6624517370631ce9fb6d", + "sha256:dc4237c27602ceb8ff060e0172da2f6a7e759008dba592f58b8fae0003cf0a57", + "sha256:dfa4948d1a2ea577e53f05e9de7396db7cddba286f2827e7177d249fc7303681", + "sha256:e287e894dde92fc8555ad767e240d3e604a9e25afc02eeee35e21f0d25e152b8", + "sha256:e56b6f687a5361bcdab3dbc776cbdeff623a976760afeadc725129e53cf13092", + "sha256:ecaf924ab269c8ea4006792710d93ff5d900f99a81fb74a8040b0eeff3571baf", + "sha256:f624dd645ed2f342015a8b9149691feaac532f26b77fd206df2d724ebf82bd14" + ], + "version": "==0.15.92" + }, "scandir": { "hashes": [ - "sha256:04b8adb105f2ed313a7c2ef0f1cf7aff4871aa7a1883fa4d8c44b5551ab052d6", - "sha256:1444134990356c81d12f30e4b311379acfbbcd03e0bab591de2696a3b126d58e", - "sha256:1b5c314e39f596875e5a95dd81af03730b338c277c54a454226978d5ba95dbb6", - "sha256:346619f72eb0ddc4cf355ceffd225fa52506c92a2ff05318cfabd02a144e7c4e", - "sha256:44975e209c4827fc18a3486f257154d34ec6eaec0f90fef0cca1caa482db7064", - "sha256:61859fd7e40b8c71e609c202db5b0c1dbec0d5c7f1449dec2245575bdc866792", - "sha256:a5e232a0bf188362fa00123cc0bb842d363a292de7126126df5527b6a369586a", - "sha256:c14701409f311e7a9b7ec8e337f0815baf7ac95776cc78b419a1e6d49889a383", - "sha256:c7708f29d843fc2764310732e41f0ce27feadde453261859ec0fca7865dfc41b", - "sha256:c9009c527929f6e25604aec39b0a43c3f831d2947d89d6caaab22f057b7055c8", - "sha256:f5c71e29b4e2af7ccdc03a020c626ede51da471173b4a6ad1e904f2b2e04b4bd" + "sha256:2586c94e907d99617887daed6c1d102b5ca28f1085f90446554abf1faf73123e", + "sha256:2ae41f43797ca0c11591c0c35f2f5875fa99f8797cb1a1fd440497ec0ae4b022", + "sha256:2b8e3888b11abb2217a32af0766bc06b65cc4a928d8727828ee68af5a967fa6f", + "sha256:2c712840c2e2ee8dfaf36034080108d30060d759c7b73a01a52251cc8989f11f", + "sha256:4d4631f6062e658e9007ab3149a9b914f3548cb38bfb021c64f39a025ce578ae", + "sha256:67f15b6f83e6507fdc6fca22fedf6ef8b334b399ca27c6b568cbfaa82a364173", + "sha256:7d2d7a06a252764061a020407b997dd036f7bd6a175a5ba2b345f0a357f0b3f4", + "sha256:8c5922863e44ffc00c5c693190648daa6d15e7c1207ed02d6f46a8dcc2869d32", + "sha256:92c85ac42f41ffdc35b6da57ed991575bdbe69db895507af88b9f499b701c188", + "sha256:b24086f2375c4a094a6b51e78b4cf7ca16c721dcee2eddd7aa6494b42d6d519d", + "sha256:cb925555f43060a1745d0a321cca94bcea927c50114b623d73179189a4e100ac" ], "markers": "python_version < '3.5'", - "version": "==1.9.0" + "version": "==1.10.0" }, "sh": { "hashes": [ @@ -593,10 +644,10 @@ }, "testinfra": { "hashes": [ - "sha256:499ba7201d1a0f418fa0318bf2ae28142893c4f9d49ab24af21441fdb529292f", - "sha256:da1d0d1ffd68935b950b7b83833d863436ea75398a5cbdc0d0ab9e61132e2088" + "sha256:8dbbf25039674d419598f576c5652947cebdf7cbbea8f23acacc80271009c6cb", + "sha256:d13dda899d5a051465f041a821363e2ebdd079391fbeae04089a2df7d35e3d54" ], - "version": "==1.16.0" + "version": "==1.19.0" }, "tree-format": { "hashes": [ @@ -605,6 +656,15 @@ ], "version": "==0.1.2" }, + "typing": { + "hashes": [ + "sha256:4027c5f6127a6267a435201981ba156de91ad0d1d98e9ddc2aa173453453492d", + "sha256:57dcf675a99b74d64dacf6fba08fb17cf7e3d5fdff53d4a30ea2a5e7e52543d4", + "sha256:a4c8473ce11a65999c8f59cb093e70686b6c84c98df58c1dae9b3b196089858a" + ], + "markers": "python_version < '3.5'", + "version": "==3.6.6" + }, "urllib3": { "hashes": [ "sha256:61bf29cada3fc2fbefad4fdf059ea4bd1b4a86d2b6d15e1c7c0b582b9752fe39", @@ -614,10 +674,10 @@ }, "websocket-client": { "hashes": [ - "sha256:8c8bf2d4f800c3ed952df206b18c28f7070d9e3dcbd6ca6291127574f57ee786", - "sha256:e51562c91ddb8148e791f0155fdb01325d99bb52c4cdbb291aee7a3563fd0849" + "sha256:1151d5fb3a62dc129164292e1227655e4bbc5dd5340a5165dfae61128ec50aa9", + "sha256:1fd5520878b68b84b5748bb30e592b10d0a91529d5383f74f4964e72b297fd3a" ], - "version": "==0.54.0" + "version": "==0.56.0" }, "whichcraft": { "hashes": [ @@ -628,10 +688,10 @@ }, "yamllint": { "hashes": [ - "sha256:93e255e4bd96c7c0850bf182b09f6b35625130f15b37a0e03d8bf378d747081c", - "sha256:e9b7dec24921ef13180902e5dbcaae9157c773e3e3e2780ef77d3a4dd67d799f" + "sha256:5a53b6ebea563f944420d2964233173532af00a9579ab2c48c4cf8c56b704050", + "sha256:8f25759997acb42e52b96bf3af0b4b942e6516b51198bebd3402640102006af7" ], - "version": "==1.11.1" + "version": "==1.15.0" } }, "develop": {} From 54c7859894f28d7086241bebb7af2223a71c2d19 Mon Sep 17 00:00:00 2001 From: Werner Dijkerman Date: Wed, 17 Apr 2019 19:40:37 +0200 Subject: [PATCH 9/9] Added ports check and added dependency that needs to be installed --- molecule/default/prepare.yml | 1 + molecule/default/tests/test_default.py | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index ac7889557..0eb221114 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -20,6 +20,7 @@ package: name: - curl + - net-tools state: latest register: wazuh_manager_dependencies_packages_installed until: wazuh_manager_dependencies_packages_installed is succeeded diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index f2ee6eada..36711b0f8 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -67,3 +67,14 @@ def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode): assert wazuh_file_host.user == wazuh_owner assert wazuh_file_host.group == wazuh_group assert wazuh_file_host.mode == wazuh_mode + + +def test_open_ports(host): + """Test if the main port is open and the agent-auth is not open.""" + distribution = host.system_info.distribution.lower() + if distribution == 'ubuntu': + assert host.socket("tcp://0.0.0.0:1515").is_listening + assert not host.socket("tcp://0.0.0.0:1514").is_listening + elif distribution == 'centos': + assert host.socket("tcp://:::1515").is_listening + assert not host.socket("tcp://:::1514").is_listening