Migrate to InSpec #13
Conversation
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
There was a problem hiding this comment.
@atomic111 Awesome work. Especially, you put a lot of effort in writing all the controls! Wow.
| @@ -0,0 +1,10 @@ | |||
| name: postgres-hardening | |||
There was a problem hiding this comment.
we should align this with our new wording: postgres-baseline
| copyright_email: hello@dev-sec.io | ||
| license: Apache 2 license | ||
| summary: Test-suite for best-practice postgres hardening | ||
| version: 0.1.0 |
There was a problem hiding this comment.
I think we should bump it to version 2.0.0 since 1.x is the Serverspec-based implementation
| # attributes | ||
|
|
||
| DB_USER = attribute( | ||
| 'db_user', |
There was a problem hiding this comment.
should we just stick to user and password?
|
@atomic111 should we go forward and merge this PR? We could fix issues in further PRs? Do you have a list of points that is missing before the migration is complete? |
|
This profile works well with the latest version of InSpec. It depends on inspec/inspec#826 and inspec/inspec#1395 to work properly:
Awesome work @atomic111 |
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> add postgres test 1 to 9 Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> add inspec attributes POSTGRES_CONF_DIR and POSTGRES_CONF_PATH, add test 10 to 12 Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> add test 12 Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> added new postgres test Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> add license Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> update gemfile, travis, rakefile Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> change Metrics/BlockLength in rubocop Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> change name and version bump Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com> rename inspec attribute db_user to user and db_password to password Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
|
@chris-rock thank you for the bugfix and now we can merge it. great!!! |
|
Thank you for this huge update @atomic111 |
No description provided.