Revision 293427a7
Added by Marek Hulán over 9 years ago
manifests/plugin/openscap.pp | ||
---|---|---|
# = Foreman Proxy OpenSCAP plugin
|
||
#
|
||
# This class installs OpenSCAP plugin
|
||
#
|
||
# === Parameters:
|
||
#
|
||
# $enabled:: enables/disables the plugin
|
||
# type:boolean
|
||
#
|
||
# $listen_on:: Proxy feature listens on http, https, or both
|
||
#
|
||
# $openscap_send_log_file:: Log file for the forwarding script
|
||
#
|
||
# $spooldir:: Directory where OpenSCAP audits are stored
|
||
# before they are forwarded to Foreman
|
||
class foreman_proxy::plugin::openscap (
|
||
$enabled = $::foreman_proxy::plugin::openscap::params::enabled,
|
||
$listen_on = $::foreman_proxy::plugin::openscap::params::listen_on,
|
||
$openscap_send_log_file = $::foreman_proxy::plugin::openscap::params::openscap_send_log_file,
|
||
$spooldir = $::foreman_proxy::plugin::openscap::params::spooldir,
|
||
) inherits foreman_proxy::plugin::openscap::params {
|
||
validate_bool($enabled)
|
||
validate_listen_on($listen_on)
|
||
validate_absolute_path($spooldir)
|
||
validate_absolute_path($openscap_send_log_file)
|
||
|
||
foreman_proxy::plugin { 'openscap': } ->
|
||
foreman_proxy::settings_file { 'openscap':
|
||
template_path => 'foreman_proxy/plugin/openscap.yml.erb',
|
||
listen_on => $listen_on,
|
||
enabled => $enabled,
|
||
}
|
||
}
|
manifests/plugin/openscap/params.pp | ||
---|---|---|
# Default parameters for the OpenSCAP smart proxy plugin
|
||
class foreman_proxy::plugin::openscap::params {
|
||
$enabled = true
|
||
$configure_openscap_repo = false
|
||
$listen_on = 'https'
|
||
$openscap_send_log_file = '/var/log/foreman-proxy/openscap-send.log'
|
||
$spooldir = '/var/spool/foreman-proxy/openscap'
|
||
}
|
spec/classes/foreman_proxy__plugin__openscap_spec.rb | ||
---|---|---|
require 'spec_helper'
|
||
|
||
describe 'foreman_proxy::plugin::openscap' do
|
||
on_supported_os.each do |os, facts|
|
||
context "on #{os}" do
|
||
context 'openscap plugin is enabled' do
|
||
let :params do
|
||
{
|
||
:enabled => true
|
||
}
|
||
end
|
||
|
||
it 'should call the plugin' do
|
||
should contain_foreman_proxy__plugin('openscap')
|
||
end
|
||
|
||
it 'should install configuration file' do
|
||
should contain_foreman_proxy__settings_file('openscap')
|
||
content = subject.resource('file', '/etc/foreman-proxy/settings.d/openscap.yml').send(:parameters)[:content]
|
||
content.split("\n").reject { |c| c =~ /(^#|^$)/ }.should == [
|
||
'---',
|
||
':enabled: https',
|
||
':openscap_send_log_file: /var/log/foreman-proxy/openscap-send.log',
|
||
":spooldir: /var/spool/foreman-proxy/openscap",
|
||
]
|
||
end
|
||
end
|
||
|
||
context 'openscap plugin is disabled' do
|
||
let :params do
|
||
{
|
||
:enabled => false
|
||
}
|
||
end
|
||
|
||
it 'should call the plugin' do
|
||
should contain_foreman_proxy__plugin('openscap')
|
||
end
|
||
|
||
it 'should install configuration file' do
|
||
should contain_foreman_proxy__settings_file('openscap')
|
||
content = subject.resource('file', '/etc/foreman-proxy/settings.d/openscap.yml').send(:parameters)[:content]
|
||
content.split("\n").reject { |c| c =~ /(^#|^$)/ }.should == [
|
||
'---',
|
||
':enabled: false',
|
||
':openscap_send_log_file: /var/log/foreman-proxy/openscap-send.log',
|
||
":spooldir: /var/spool/foreman-proxy/openscap",
|
||
]
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
templates/plugin/openscap.yml.erb | ||
---|---|---|
---
|
||
:enabled: <%= @module_enabled %>
|
||
|
||
# Log file for the forwarding script.
|
||
:openscap_send_log_file: <%= @openscap_send_log_file %>
|
||
|
||
# Directory where OpenSCAP audits are stored
|
||
# before they are forwarded to Foreman
|
||
:spooldir: <%= @spooldir %>
|
Also available in: Unified diff
Add support for openscap plugin
Closes GH-141