Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

debian 8 support #88

Merged
merged 1 commit into from
Jun 28, 2016
Merged

debian 8 support #88

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
22 changes: 12 additions & 10 deletions .kitchen.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,25 @@
---
driver:
name: vagrant

provisioner:
name: ansible_playbook
test_repo_uri: https://github.com/hardening-io/tests-os-hardening.git
hosts: all
require_ansible_repo: false
require_ansible_omnibus: true
require_chef_for_busser: false
require_ruby_for_busser: false
ansible_verbose: true
ansible_diff: true
hosts: all
roles_path: ../ansible-os-hardening/
playboo: default.yml
playbook: default.yml

verifier:
name: inspec
sudo: true
inspec_tests:
- https://github.com/dev-sec/tests-os-hardening

platforms:
- name: ubuntu-12.04
Expand All @@ -39,10 +46,6 @@ platforms:
driver_config:
box: oracle-6.5
box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
- name: debian-6
driver_config:
box: debian-6
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-6.0.10_chef-provisionerless.box
- name: debian-7
driver_config:
box: debian-7
Expand All @@ -51,10 +54,9 @@ platforms:
driver_config:
box: debian-8
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-8.1_chef-provisionerless.box
verifier:
name: inspec

suites:
- name: ansible_1.9
- name: os-ansible_1.9
provisioner:
ansible_version: 1.9.4
- name: ansible_latest
- name: os-ansible_latest
16 changes: 16 additions & 0 deletions default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,20 @@
---
- name: wrapper playbook for kitchen testing "ansible-os-hardening" with custom vars for testing
hosts: localhost
roles:
- ansible-os-hardening
vars:
os_security_users_allow: change_user
os_security_kernel_enable_core_dump: true
os_security_suid_sgid_remove_from_unknown: true
os_auth_pam_passwdqc_enable: false
os_desktop_enable: true
os_env_extra_user_paths: ['/home']
os_auth_allow_homeless: true
os_security_kernel_enable_core_dump: true
os_security_suid_sgid_blacklist: ['/bin/umount']
os_security_suid_sgid_whitelist: ['/usr/bin/rlogin']

- name: wrapper playbook for kitchen testing "ansible-os-hardening"
hosts: localhost
roles:
Expand Down