This Chef cookbook will automate the installation of Contrast Security's TeamServer on Linux or Windows. It requires that the target system has access to the Internet in order to connect to Contrast Hub to download the target installer file.
The cookbook executes the following general steps:
- Installs Google Chrome (which is used later by PhantomJS)
- Installs necessary dependencies...
- Microsoft Visual C++ 2013 Redistributable package on Windows
- Libaio packages on Linux
- Installs PhantomJS (which is used to download the target TeamServer installer)
- Executes a PhantomJS script that logs into Contrast Hub (https://hub.contrastsecurity.com), finds the target TeamServer installer, and builds a command-line script to download the installer
- Downloads the TeamServer installer file using the aforementioned command-line script
- Runs the Contrast TeamServer installer using the unattended install option
Please note that this cookbook can take some time to run due to downloading a large installation file and then executing the installation process. Please expect it to take anywhere from 30 minutes to 3 hours depending on whether a TeamServer 'CACHE' or 'NO CACHE' installer is used (https://docs.contrastsecurity.com/installation-setupinstall.html#download).
You will need to supply your own Contrast license file. More details about where to place your license files is below.
A license file is purposely not included with this cookbook. You will need to acquire your own license from your Contrast Account Team or Contrast Support. After acquiring your license:
- Copy/move the license file to the cookbook's
files/default
directory - Edit the
default.rb
attributes file (.../attributes/default.rb
) and modify the value fordefault['contrast-teamserver']['license']
to match the filename of your license file.
Users must provide the following information in order to run this cookbook:
node['chef-contrast-teamserver']['license']
= Valid Contrast license file and its filenamenode['chef-contrast-teamserver']['windows_installer']
= Filename of the target Windows TeamServer installernode['chef-contrast-teamserver']['linux_installer']
= Filename of the target Linux TeamServer installernode['chef-contrast-teamserver']['teamserver_url']
= Desired URL for TeamServernode['chef-contrast-teamserver']['port']
= Desired default port for TeamServer
Since this cookbook requires credentials to log into Contrast Hub in order to download the target TeamServer installer, it utilizes an encrypted data bag to pass your Hub username and password to the target Chef-managed system.
You can create the encrypted data bag using Chef's knife
utility.
Please note that this cookbook requires that the data bag be named contrasthub
and the data bag items must be called creds
with your Contrast Hub credentials named username
and password
.
The general steps to create the encrypted data bag are:
- First start by creating your secret key; for example with OpenSSL, run
openssl rand -base64 512 | tr -d '\r\n' > encrypted_data_bag_secret
- Place your new
encrypted_data_bag_secret
under your cookbook'stest/integration/default
directory, which is where this cookbook's.kitchen.yml
expects it; otherwise, update the.kitchen.yml
to point to the location of your secret key file - Go into the cookbook's
test/integration/default
directory - Then run
knife data bag create contrasthub creds --sercret-file encrypted_data_bag_secret
(this will require that your $EDITOR environment variable is set) - Add data bag items for your Contrast Hub username and password and save the file; for example:
"id": "creds",
"username": "brian.chau@contrastsecurity.com",
"password": "<your Contrast Hub password>"
For more information about using encrypted data bags and more, please watch this nice video: https://youtu.be/y4ZAVafd1RI.
Please note that this cookbook can take some time to run and TeamServer will still not be ready until about 15-30 minutes after the cookbook execution is complete due to the delay associated with installing, configuring, and initializing TeamServer for the first time. Please allocate 30-45 minutes for TeamServer to be up, running, and accessible.
TeamServer will be fully running and accessible when you see a log message like ...Contrast TeamServer Ready - Took 1047250ms
from the /opt/contrast/logs/server.log
(on Linux) or C:\Program Files\Contrast\logs\server.log
(on Windows).