08707eb2d2
TODO: Remove this!! It is very dangerous to do this here. The goal of this is to make the audit DSL available to all describe blocks. Right now, these blocks are executed outside the scope of this run, thus not gaining ony of the DSL pieces. To circumvent this, the full DSL is attached to the examples |
||
|---|---|---|
| .delivery | ||
| bin | ||
| docs | ||
| lib | ||
| test | ||
| .gitignore | ||
| .rubocop.yml | ||
| .travis.yml | ||
| CHANGELOG.md | ||
| Gemfile | ||
| mkdocs.yml | ||
| Rakefile | ||
| README.md | ||
| vulcano.gemspec | ||
Vulcano CLI
Test your Server, VM, or workstation.
Small example: Write a your checks in test.rb:
describe file('/proc/cpuinfo') do
it { should be_file }
end
describe ssh_config do
its('Protocol') { should eq('2') }
end
Run this file locally:
vulcano exec test.rb
Installation
Requires Ruby ( >1.9 ).
To simply run it without installation, you must install bundler:
bundle install
bundle exec bin/vulcano help
To install it as a gem locally, run:
gem build vulcano.gemspec
gem install vulcano-*.gem
You should now be able to run:
vulcano --help
Usage
exec
Run tests against different targets:
# run test locally
vulcano exec test.rb
# run test on remote host on SSH
vulcano exec test.rb -t ssh://user@hostname
# run test on remote windows host on WinRM
vulcano exec test.rb -t winrm://Administrator@windowshost --password 'your-password'
# run test on docker container
vulcano exec test.rb -t docker://container_id
detect
Verify your configuration and detect
id=$( docker run -dti ubuntu:14.04 /bin/bash )
vulcano detect -t docker://$id
Which will provide you with:
{"family":"ubuntu","release":"14.04","arch":null}
Custom resources
You can easily create your own resources. Here is a custom resource for an
application called Gordon and save it in gordon_config.rb:
require 'yaml'
class GordonConfig < Vulcano.resource
name 'gordon_config'
def initialize
@path = '/etc/gordon/config.yaml'
@config = vulcano.file(@path).content
@params = YAML.load(@config)
end
def method_missing(name)
@params[name.to_s]
end
end
Include this file in your test.rb:
require_relative 'gordon_config'
Now you can start using your new resource:
describe gordon_config do
its('Version') { should eq('1.0') }
end
Tests
Runner
Runner tests will make sure the backend execution layer behaves as expected. These tests will take a while, as a lot of different operating systems and configurations are being tested.
You will require:
- vagrant with virtualbox
- test-kitchen
- docker
Run all tests via
rake test:runner
# configure concurrency:
CONCURRENCY=3 rake test:runner
This will go to test/runner and run kitchen test. You can test specific
operating systems and configurations via test-kitchen.
Contributing
- Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create new Pull Request
Copyright 2015 Chef Software Inc. All rights reserved. Copyright 2015 Vulcano Security GmbH. All rights reserved. Copyright 2015 Dominik Richter. All rights reserved.