dev-sec · rndmh3ro · Apr 29, 2019 · Apr 29, 2019 · Apr 29, 2019 · Apr 29, 2019
diff --git a/.kitchen.vagrant.yml b/.kitchen.vagrant.yml
@@ -24,52 +24,30 @@ transport:
   max_ssh_sessions: 5
 
 platforms:
-- name: ubuntu-12.04
-  driver_config:
-    box: opscode-ubuntu-12.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-12.04_chef-provisionerless.box
-- name: ubuntu-14.04
-  driver_config:
-    box: opscode-ubuntu-14.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box
 - name: ubuntu-16.04
   driver_config:
-    box: opscode-ubuntu-16.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-16.04_chef-provisionerless.box
-- name: centos-6.4
-- name: centos-7.2
+    box: bento/ubuntu-16.04
+- name: ubuntu-18.04
   driver_config:
-    box: opscode-centos-7.2
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-7.2_chef-provisionerless.box
-- name: centos-6.5
+    box: bento/ubuntu-18.04
+- name: centos-6
   driver_config:
-    box: opscode-centos-6.5
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
-- name: centos-6.8
-  driver_config:
-    box: bento/centos-6.8
+    box: bento/centos-6
 - name: centos-7
   driver_config:
-    box: bento/centos-7.2
-- name: oracle-6.4
-  driver_config:
-    box: oracle-6.4
-    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel64-64.box
-- name: oracle-6.5
+    box: bento/centos-7
+- name: oracle-6
   driver_config:
-    box: oracle-6.5
-    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
+    box: bento/oracle-6
 - name: oracle-7
   driver_config:
-    box: boxcutter/ol72
-- name: debian-7
+    box: bento/oracle-7
+- name: debian-9
   driver_config:
-    box: debian-7
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-7.8_chef-provisionerless.box
-- name: debian-8
+    box: bento/debian-9
+- name: amazon
   driver_config:
-    box: debian-8
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-8.1_chef-provisionerless.box
+    box: bento/amazonlinux-2
 
 verifier:
   name: inspec

diff --git a/.kitchen.yml b/.kitchen.yml
@@ -51,10 +51,6 @@ platforms:
     provision_command:
       - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
       - systemctl enable sshd.service
-- name: ubuntu1404-ansible-latest
-  driver:
-    image: rndmh3ro/docker-ubuntu1404-ansible:latest
-    platform: ubuntu
 - name: ubuntu1604-ansible-latest
   driver:
     image: rndmh3ro/docker-ubuntu1604-ansible:latest
@@ -69,14 +65,6 @@ platforms:
     run_command: /sbin/init
     provision_command:
       - systemctl enable ssh.service
-- name: debian7-ansible-latest
-  driver:
-    image: rndmh3ro/docker-debian7-ansible:latest
-    platform: debian
-- name: debian8-ansible-latest
-  driver:
-    image: rndmh3ro/docker-debian8-ansible:latest
-    platform: debian
 - name: debian9-ansible-latest
   driver:
     image: rndmh3ro/docker-debian9-ansible:latest
@@ -93,6 +81,15 @@ platforms:
     provision_command:
       - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
       - systemctl enable sshd.service
+- name: fedora-ansible-latest
+  driver:
+    image: rndmh3ro/docker-fedora-ansible:latest
+    platform: centos
+    run_command: /sbin/init
+    provision_command:
+      - dnf install -y python
+      - sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
+      - systemctl enable sshd.service
 
 verifier:
   name: inspec

diff --git a/.travis.yml b/.travis.yml
@@ -20,10 +20,6 @@ env:
 #    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
 #    version: latest
 
-  - distro: ubuntu1404
-    version: latest
-    init: /sbin/init
-
   - distro: ubuntu1604
     version: latest
     init: /lib/systemd/systemd
@@ -34,15 +30,6 @@ env:
     init: /lib/systemd/systemd
     run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
 
-  - distro: debian7
-    version: latest
-    init: /sbin/init
-
-  - distro: debian8
-    version: latest
-    init: /sbin/init
-    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
-
   - distro: debian9
     version: latest
     init: /lib/systemd/systemd
@@ -53,6 +40,11 @@ env:
     version: latest
     run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
 
+  - distro: fedora
+    init: /lib/systemd/systemd
+    version: latest
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+
 before_install:
   # Pull container
   - 'docker pull rndmh3ro/docker-${distro}-ansible:${version}'

diff --git a/README.md b/README.md
@@ -99,27 +99,27 @@ bundle install
 ### Testing with Docker
 ```
 # fast test on one machine
-bundle exec kitchen test default-ubuntu-1204
+bundle exec kitchen test ssh-ubuntu1804-ansible-latest
 
 # test on all machines
 bundle exec kitchen test
 
 # for development
-bundle exec kitchen create default-ubuntu-1204
-bundle exec kitchen converge default-ubuntu-1204
+bundle exec kitchen create ssh-ubuntu1804-ansible-latest
+bundle exec kitchen converge ssh-ubuntu1804-ansible-latest
 ```
 
 ### Testing with Virtualbox
 ```
 # fast test on one machine
-KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen test default-ubuntu-1204
+KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen test ssh-ubuntu-1804
 
 # test on all machines
 KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen test
 
 # for development
-KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen create default-ubuntu-1204
-KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen converge default-ubuntu-1204
+KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen create ssh-ubuntu-1804
+KITCHEN_YAML=".kitchen.vagrant.yml" bundle exec kitchen converge ssh-ubuntu-1804
 ```
 For more information see [test-kitchen](http://kitchen.ci/docs/getting-started)
 

diff --git a/meta/main.yml b/meta/main.yml
@@ -12,14 +12,13 @@ galaxy_info:
         - 7
     - name: Ubuntu
       versions:
-        - precise
-        - trusty
         - xenial
+        - beaver
     - name: Debian
       versions:
-        - wheezy
         - jessie
     - name: Amazon
+    - name: Fedora
   galaxy_tags:
     - system
     - security

diff --git a/tests/default.yml b/tests/default.yml
@@ -15,7 +15,7 @@
     - file: path="/var/run/sshd" state=directory
     - name: create ssh host keys
       command: "ssh-keygen -A"
-      when: not ((ansible_os_family in ['Oracle Linux', 'RedHat']) and ansible_distribution_major_version < '7')
+      when: not ((ansible_os_family in ['Oracle Linux', 'RedHat']) and ansible_distribution_major_version < '7') or ansible_distribution == "Fedora"
 
   roles:
     - ansible-ssh-hardening
diff --git a/tests/default_custom.yml b/tests/default_custom.yml
@@ -15,7 +15,7 @@
     - file: path="/var/run/sshd" state=directory
     - name: create ssh host keys
       command: "ssh-keygen -A"
-      when: not ((ansible_os_family in ['Oracle Linux', 'RedHat']) and ansible_distribution_major_version < '7')
+      when: not ((ansible_os_family in ['Oracle Linux', 'RedHat']) and ansible_distribution_major_version < '7') or ansible_distribution == "Fedora"
 
   roles:
     - ansible-ssh-hardening