Skip to content
A sample saltstack formula for installing Threat Stack agent
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
threatstack
.gitignore
.kitchen.yml
CHANGELOG.rst
Gemfile
LICENSE
README.md
pillar.example
requirements.txt

README.md

threatstack-formula

A formula for installing Threat Stack agent

This formula supports installing agent 1.x and agent 2.x

Available states

The following states are available:

  • threatstack: Installs the Threatstack agent.

Configuration

  • pkg_url: [optional] Path to an alternate repository site. Set if you manage your own package repository.
  • deploy_key: [required] Your organization's deploy key.
    • ex. "xxxx-xxxx-your-secret-key-xxxx"
  • ts_configure_agent: [optional] If the agent should be configured during run. Set to False if installing agent into an AMI.
    • ex. True
  • ts_agent_version: [optional] Version of agent to install. By default if no agent is installed the latest version will be be. Set a version to maintain consistency in an environment or see ts_agent_latest.
    • ex. "1.4.5.0ubuntu14.0"
  • ts_agent_latest: [optional] Install the latest agent version. By default the formula will only ensure that a package is installed. Set to True to always update to the latest agent version (the latest agent 2.x package).
    • ex. True
  • ts_agent_config_args: [optional] Optional arguments to be passed to cloudsight config or tsagent config (depends on version of agent). Use this to enable optional features.
    • agent 1.x ex. "--enable_foo=1"
    • agent 2.x ex. "--set enable_foo 1"
  • ts_agent_extra_args: [optional] Optional arguments to be passed to cloudsight setup or tsagent setup (depends on version of agent).
    • Please refer to the agent documentation or check the appropriate help output for cloudsight setup/tsagent setup.

Testing

There is currently no spec testing as a saltstack rspec module does not exist.

Integration testing can be configured two different ways.

Pillar data from environment variables

This method requires the following:

  • Uncommenting the section for threatstack.sls in .kitchen.yml
  • Commenting out the pillars_from_files section in .kitchen.yml
  • Setting TS_DEPLOY_KEY in the environment to a valid key value for tests to succeed.
export TS_DEPLOY_KEY='<deploy_key>'
bundle exec kitchen test

For setting additional configuration changes in the environment, see .kitchen.yml for all available pillar items

Pillar data from pillars_from_files

This method requires the following:

  • Uncommenting the pillars_from_files section in .kitchen.yml
  • Commenting out the section for threatstack.sls in .kitchen.yml This method requires updating deploy_key pillar item in pillar.example to a valid key value for tests to succeed.
<Edit `pillar.example`>
bundle exec kitchen test
You can’t perform that action at this time.