Remove packages with known issues on debian/ubuntu #93

Merged
merged 3 commits into from Nov 20, 2015

Conversation

Projects
None yet
3 participants
@mikemoate
Member

mikemoate commented Oct 14, 2015

This is to resolve #90

There are no existing tests for this functionality on the redhat distro family, I haven't added any for the debian family, though in theory a generic test could now be possible.

There is one remaining rubocop warning relating to use of '$/', however this is code taken from the Chef apt package provider (to have consistent behaviour) so I am reluctant to alter this (my regex skills are too weak).

I'd like to make the list of packages to remove an attribute, with the current list as the default. Would that also be an acceptable change? I can add that to to this pull request or pick up separately?

@mikemoate

This comment has been minimized.

Show comment
Hide comment
@mikemoate

mikemoate Oct 14, 2015

Member

It looks like there is a problem with the ruby gems/dependencies for the Ruby 1.9.3 CI job:

112 Gem::InstallError: varia_model requires Ruby version >= 2.0.0.
113 An error occurred while installing varia_model (0.5.0), and Bundler cannot
114 continue.
115 Make sure that `gem install varia_model -v '0.5.0'` succeeds before bundling.
116
117 The command "eval bundle install --without development integration openstack" failed. Retrying, 2 of 3.

There are also problems with coveralls on all the other CI jobs:

219 [Coveralls] Set up the SimpleCov formatter.
220 [Coveralls] Using SimpleCov's default settings.
221 E, [2015-10-14T13:06:06.540378 #26611] ERROR -- : Actor crashed!
222 Faraday::Error: :gzip is not registered on Faraday::Response
223     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday.rb:189:in `lookup_middleware'
224     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:204:in `use_symbol'
225     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:96:in `response'
226     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:79:in `block in initialize'
227     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:66:in `build'
228     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:55:in `initialize'
229     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:77:in `new'
230     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:77:in `initialize'
231     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:62:in `new'
232     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:62:in `try_download'
233     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:36:in `block in download'
234     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:35:in `each'
235     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:35:in `download'
236     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/installer.rb:105:in `install'
237     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:26:in `public_send'
238     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:26:in `dispatch'
239     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:63:in `dispatch'
240     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/cell.rb:60:in `block in invoke'
241     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/cell.rb:71:in `block in task'
242     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/actor.rb:357:in `block in task'
243     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/tasks.rb:57:in `block in initialize'
244     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/tasks/task_fiber.rb:15:in `block in create'
Member

mikemoate commented Oct 14, 2015

It looks like there is a problem with the ruby gems/dependencies for the Ruby 1.9.3 CI job:

112 Gem::InstallError: varia_model requires Ruby version >= 2.0.0.
113 An error occurred while installing varia_model (0.5.0), and Bundler cannot
114 continue.
115 Make sure that `gem install varia_model -v '0.5.0'` succeeds before bundling.
116
117 The command "eval bundle install --without development integration openstack" failed. Retrying, 2 of 3.

There are also problems with coveralls on all the other CI jobs:

219 [Coveralls] Set up the SimpleCov formatter.
220 [Coveralls] Using SimpleCov's default settings.
221 E, [2015-10-14T13:06:06.540378 #26611] ERROR -- : Actor crashed!
222 Faraday::Error: :gzip is not registered on Faraday::Response
223     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday.rb:189:in `lookup_middleware'
224     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:204:in `use_symbol'
225     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:96:in `response'
226     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:79:in `block in initialize'
227     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:66:in `build'
228     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/faraday-0.9.2/lib/faraday/rack_builder.rb:55:in `initialize'
229     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:77:in `new'
230     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/community_rest.rb:77:in `initialize'
231     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:62:in `new'
232     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:62:in `try_download'
233     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:36:in `block in download'
234     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:35:in `each'
235     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/downloader.rb:35:in `download'
236     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/berkshelf-3.3.0/lib/berkshelf/installer.rb:105:in `install'
237     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:26:in `public_send'
238     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:26:in `dispatch'
239     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/calls.rb:63:in `dispatch'
240     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/cell.rb:60:in `block in invoke'
241     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/cell.rb:71:in `block in task'
242     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/actor.rb:357:in `block in task'
243     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/tasks.rb:57:in `block in initialize'
244     /home/travis/.rvm/gems/ruby-2.0.0-p598/gems/celluloid-0.16.0/lib/celluloid/tasks/task_fiber.rb:15:in `block in create'
@chris-rock

This comment has been minimized.

Show comment
Hide comment
@chris-rock

chris-rock Oct 28, 2015

Member

awesome @mikemoate #96 is merged by now, could you rebase? We fixed the tests.

Member

chris-rock commented Oct 28, 2015

awesome @mikemoate #96 is merged by now, could you rebase? We fixed the tests.

@mikemoate

This comment has been minimized.

Show comment
Hide comment
@mikemoate

mikemoate Oct 28, 2015

Member

Thanks @chris-rock I have rebased and the CI build is in progress.

I have a further change ready to expose the list of packages to clean as an attribute (which users can then override to include more packages or exclude any of the defaults if needed), whilst preserving the default list and behaviour. Should I add that commit to this pull request, or would you rather consider it separately?

Member

mikemoate commented Oct 28, 2015

Thanks @chris-rock I have rebased and the CI build is in progress.

I have a further change ready to expose the list of packages to clean as an attribute (which users can then override to include more packages or exclude any of the defaults if needed), whilst preserving the default list and behaviour. Should I add that commit to this pull request, or would you rather consider it separately?

@mikemoate

This comment has been minimized.

Show comment
Hide comment
@mikemoate

mikemoate Nov 19, 2015

Member

@chris-rock What is needed to progress this pull request? We're keen to contribute back to the project rather than maintain a fork.

Member

mikemoate commented Nov 19, 2015

@chris-rock What is needed to progress this pull request? We're keen to contribute back to the project rather than maintain a fork.

@Rockstar04

This comment has been minimized.

Show comment
Hide comment
@Rockstar04

Rockstar04 Nov 19, 2015

Member

I just gave everything a once over and its inline with the REL feature and looks very well laid out. My only gripe is a lack of testing.

Still +1 👍

Member

Rockstar04 commented Nov 19, 2015

I just gave everything a once over and its inline with the REL feature and looks very well laid out. My only gripe is a lack of testing.

Still +1 👍

libraries/apt_package_extras.rb
+# Cookbook Name:: os-hardening
+# Library:: apt_package_extras
+#
+# Copyright 2015, Hardening Framework Team

This comment has been minimized.

@chris-rock

chris-rock Nov 19, 2015

Member

Could you please add the original authors as well?

@chris-rock

chris-rock Nov 19, 2015

Member

Could you please add the original authors as well?

@chris-rock

This comment has been minimized.

Show comment
Hide comment
@chris-rock

chris-rock Nov 20, 2015

Member

Looks great to me. Once we added the required information for the license, I am happy to merge

Member

chris-rock commented Nov 20, 2015

Looks great to me. Once we added the required information for the license, I am happy to merge

@mikemoate

This comment has been minimized.

Show comment
Hide comment
@mikemoate

mikemoate Nov 20, 2015

Member

@chris-rock apologies for that, I've now added the Opscode copyright from https://github.com/chef/chef/blob/master/lib/chef/provider/package/apt.rb to this file.

Let me know if that's not what you meant/intended.

Member

mikemoate commented Nov 20, 2015

@chris-rock apologies for that, I've now added the Opscode copyright from https://github.com/chef/chef/blob/master/lib/chef/provider/package/apt.rb to this file.

Let me know if that's not what you meant/intended.

@chris-rock

This comment has been minimized.

Show comment
Hide comment
@chris-rock

chris-rock Nov 20, 2015

Member

@mikemoate No issue, the license requires to add the header. So we are good now? Could you do me one last favor and rebase it to the latest master?

Member

chris-rock commented Nov 20, 2015

@mikemoate No issue, the license requires to add the header. So we are good now? Could you do me one last favor and rebase it to the latest master?

mikemoate and others added some commits Oct 14, 2015

Remove packages with known issues on debian/ubuntu
This was complicated by the existence of virtual packages in the debian
distro family. A library with helper functions for this was addded.

HardeningFramework-DCO-1.1-Signed-off-by: Mike Moate <github@mikemoate.co.uk> (github: mikemoate)
Disable rubocop rule for SpecialGlobalVars
My regex skills are not strong enough to rewrite this line yet. Disable
rubocop warning for now to get a CI build to complete.

HardeningFramework-DCO-1.1-Signed-off-by: Mike Moate <github@mikemoate.co.uk> (github: mikemoate)
Mike Moate
@mikemoate

This comment has been minimized.

Show comment
Hide comment
@mikemoate

mikemoate Nov 20, 2015

Member

Now rebased and CI is clean.

Member

mikemoate commented Nov 20, 2015

Now rebased and CI is clean.

@chris-rock

This comment has been minimized.

Show comment
Hide comment
@chris-rock

chris-rock Nov 20, 2015

Member

Great work @mikemoate !

Member

chris-rock commented Nov 20, 2015

Great work @mikemoate !

chris-rock added a commit that referenced this pull request Nov 20, 2015

Merge pull request #93 from mikemoate/ISSUE-90
Remove packages with known issues on debian/ubuntu

@chris-rock chris-rock merged commit 2e4ff65 into dev-sec:master Nov 20, 2015

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
coverage/coveralls Coverage remained the same at 100.0%
Details

@mikemoate mikemoate deleted the mikemoate:ISSUE-90 branch Nov 23, 2015

@rndmh3ro rndmh3ro referenced this pull request in dev-sec/ansible-os-hardening Dec 29, 2015

Merged

Packages as attributes #57

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment