Merge pull request #429 from dev-sec/proxy
add support for using a proxy to test with molecule
schurzi committed Mar 21, 2021
2 parents 9614273 + 6c805f6 commit 876cdab
Showing 16 changed files with 65 additions and 3 deletions.
4 changes: 4 additions & 0 deletions molecule/mysql_hardening/converge.yml
@@ -2,6 +2,10 @@
- name: wrapper playbook for kitchen testing "ansible-mysql-hardening"
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
tasks:
- name: Determine required MySQL Python libraries (Ubuntu Focal Fossa ++)
set_fact:
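Review bot: `default(omit)` on the three added `environment:` entries does not fire when the variable is unset, because `lookup('env', ...)` yields an empty string rather than an undefined value, so the play exports `http_proxy=""` (and the other two) to every task instead of leaving them out. Passing the filter's second argument makes an empty value count as missing: `http_proxy: "{{ lookup('env', 'http_proxy') | default(omit, true) }}"`. It is also worth confirming that `omit` is honoured inside a play-level `environment:` mapping on the Ansible versions this collection tests against; if it is not, the mapping has to be built conditionally. The same three lines are added to every converge.yml, prepare.yml and verify.yml in this commit. Only the lower-case names are read, so a runner that sets `HTTP_PROXY` alone gets no proxy; a one-line comment above the block, `# proxy settings are taken from the lower-case http_proxy/https_proxy/no_proxy of the controller`, would document that.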
5 changes: 5 additions & 0 deletions molecule/mysql_hardening/molecule.yml
@@ -20,6 +20,11 @@ platforms:
container: docker
security_opts:
- apparmor=unconfined
env:
http_proxy: "${http_proxy}"
https_proxy: "${https_proxy}"
no_proxy: "${no_proxy}"
container: docker
provisioner:
name: ansible
config_options:
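Review bot: `container: docker` now appears twice in this hunk, once before `security_opts:` and once after the new proxy entries. Indentation is not visible in this view and the lines above the hunk are outside it, so I cannot tell which mapping the first one belongs to. If it sits under an existing environment mapping of the same platform, the added `env:` either repeats a key (most YAML loaders silently keep only the last one) or leaves two separate environment blocks side by side. The other three molecule.yml sections rename `environment:` to `env:` in place, and doing the same here would keep a single mapping. Running yamllint with the `key-duplicates` rule on the scenario files would catch this class of mistake.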
4 changes: 4 additions & 0 deletions molecule/mysql_hardening/prepare.yml
@@ -3,6 +3,10 @@
- name: wrapper playbook for kitchen testing "ansible-mysql-hardening"
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
tasks:
- name: Run the equivalent of "apt-get update && apt-get upgrade"
apt:
4 changes: 4 additions & 0 deletions molecule/mysql_hardening/verify.yml
@@ -2,6 +2,10 @@
- name: Verify
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
roles:
- geerlingguy.git
tasks:
4 changes: 4 additions & 0 deletions molecule/nginx_hardening/converge.yml
@@ -2,6 +2,10 @@
- name: wrapper playbook for kitchen testing "ansible-nginx-hardening" with custom settings
become: true
hosts: all
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
vars:
- nginx_ppa_use: true
- nginx_ppa_version: stable
5 changes: 4 additions & 1 deletion molecule/nginx_hardening/molecule.yml
@@ -21,7 +21,10 @@ platforms:
capabilities:
- SYS_ADMIN
tty: true
environment:
env:
http_proxy: "${http_proxy}"
https_proxy: "${https_proxy}"
no_proxy: "${no_proxy}"
container: docker
provisioner:
name: ansible
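Review bot: The proxy values are copied verbatim from the caller's shell into the container environment (`http_proxy: "${http_proxy}"`), so a proxy URL of the form `http://user:password@host` becomes readable through `docker inspect` and by every process in the privileged test container. A short comment above `env:` would make the expectation explicit, for example `# proxy URLs are passed through unchanged; do not use URLs that embed credentials`. The same applies to the mysql_hardening, os_hardening and ssh_hardening molecule.yml sections.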
4 changes: 4 additions & 0 deletions molecule/nginx_hardening/prepare.yml
@@ -2,6 +2,10 @@
- name: prepare playbook for kitchen testing "ansible-nginx-hardening" with custom settings
become: true
hosts: all
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
tasks:
- name: install required tools on SuSE
zypper:
4 changes: 4 additions & 0 deletions molecule/nginx_hardening/verify.yml
@@ -2,6 +2,10 @@
- name: Verify
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
roles:
- geerlingguy.git
tasks:
4 changes: 4 additions & 0 deletions molecule/os_hardening/converge.yml
@@ -2,6 +2,10 @@
- name: wrapper playbook for kitchen testing "ansible-os-hardening" with custom vars for testing
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
collections:
- devsec.hardening
tasks:
5 changes: 4 additions & 1 deletion molecule/os_hardening/molecule.yml
@@ -21,7 +21,10 @@ platforms:
capabilities:
- SYS_ADMIN
tty: true
environment:
env:
http_proxy: "${http_proxy}"
https_proxy: "${https_proxy}"
no_proxy: "${no_proxy}"
container: docker
provisioner:
name: ansible
4 changes: 4 additions & 0 deletions molecule/os_hardening/prepare.yml
@@ -4,6 +4,10 @@
become: true
collections:
- devsec.hardening
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
tasks:
- name: set ansible_python_interpreter to "/usr/bin/python3" on fedora
set_fact:
4 changes: 4 additions & 0 deletions molecule/os_hardening/verify.yml
@@ -2,6 +2,10 @@
- name: Verify
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
roles:
- geerlingguy.git
tasks:
4 changes: 4 additions & 0 deletions molecule/ssh_hardening/converge.yml
@@ -2,6 +2,10 @@
- name: wrapper playbook for kitchen testing "ansible-ssh-hardening" with default settings
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
collections:
- devsec.hardening
tasks:
5 changes: 4 additions & 1 deletion molecule/ssh_hardening/molecule.yml
@@ -21,7 +21,10 @@ platforms:
capabilities:
- SYS_ADMIN
tty: true
environment:
env:
http_proxy: "${http_proxy}"
https_proxy: "${https_proxy}"
no_proxy: "${no_proxy}"
container: docker
provisioner:
name: ansible
4 changes: 4 additions & 0 deletions molecule/ssh_hardening/prepare.yml
@@ -2,6 +2,10 @@
- name: wrapper playbook for kitchen testing "ansible-ssh-hardening" with default settings
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
tasks:
- name: use python3
set_fact:
4 changes: 4 additions & 0 deletions molecule/ssh_hardening/verify.yml
@@ -2,6 +2,10 @@
- name: Verify
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
roles:
- geerlingguy.git
tasks:
