Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions Berksfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
# encoding: utf-8

source 'https://supermarket.chef.io'

metadata
Expand Down
2 changes: 0 additions & 2 deletions Gemfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
# encoding: utf-8

source 'https://rubygems.org'

gem 'berkshelf', '~> 5.3'
Expand Down
30 changes: 14 additions & 16 deletions Guardfile
Original file line number Diff line number Diff line change
@@ -1,32 +1,30 @@
# encoding: utf-8

# Guardfile

guard :rubocop do
watch(/.+\.rb$/)
watch(/(?:.+\/)?\.rubocop\.yml$/) { |m| File.dirname(m[0]) }
watch(%r{(?:.+/)?\.rubocop\.yml$}) { |m| File.dirname(m[0]) }
end

guard :foodcritic, cookbook_paths: '.', cli: '-f any --tags ~FC023' do
watch(/attributes\/.+\.rb$/)
watch(/providers\/.+\.rb$/)
watch(/recipes\/.+\.rb$/)
watch(/resources\/.+\.rb$/)
watch(%r{attributes/.+\.rb$})
watch(%r{providers/.+\.rb$})
watch(%r{recipes/.+\.rb$})
watch(%r{resources/.+\.rb$})
watch(/metadata.rb/)
end

guard :rspec do
watch(/^spec\/.+_spec\.rb$/)
watch(/^(recipes)\/(.+)\.rb$/) { |m| "spec/#{m[1]}_spec.rb" }
watch(%r{^spec/.+_spec\.rb$})
watch(%r{^(recipes)/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" }
watch('spec/spec_helper.rb') { 'spec' }
end

guard :kitchen, all_on_start: false do
watch(/test\/.+/)
watch(/^recipes\/(.+)\.rb$/)
watch(/^attributes\/(.+)\.rb$/)
watch(/^files\/(.+)/)
watch(/^templates\/(.+)/)
watch(/^providers\/(.+)\.rb/)
watch(/^resources\/(.+)\.rb/)
watch(%r{test/.+})
watch(%r{^recipes/(.+)\.rb$})
watch(%r{^attributes/(.+)\.rb$})
watch(%r{^files/(.+)})
watch(%r{^templates/(.+)})
watch(%r{^providers/(.+)\.rb})
watch(%r{^resources/(.+)\.rb})
end
2 changes: 0 additions & 2 deletions Rakefile
Original file line number Diff line number Diff line change
@@ -1,6 +1,4 @@
#!/usr/bin/env rake
# encoding: utf-8

require 'foodcritic'
require 'rspec/core/rake_task'
require 'rubocop/rake_task'
Expand Down
19 changes: 9 additions & 10 deletions attributes/default.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
# encoding: utf-8
#
# Cookbook Name:: mysql-hardening
# Cookbook:: mysql-hardening
# Attributes:: default
#
# Copyright 2014, Christoph Hartmann
# Copyright 2014, Deutsche Telekom AG
# Copyright:: 2014, Christoph Hartmann
# Copyright:: 2014, Deutsche Telekom AG
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -29,11 +28,11 @@
# path configuration
default['mysql-hardening']['user'] = 'mysql'

case platform_family
when 'rhel', 'fedora'
default['mysql-hardening']['mysql-conf'] = '/etc/my.cnf'
else
default['mysql-hardening']['mysql-conf'] = '/etc/mysql/my.cnf'
end
default['mysql-hardening']['mysql-conf'] = case platform_family
when 'rhel', 'fedora'
'/etc/my.cnf'
else
'/etc/mysql/my.cnf'
end

default['mysql-hardening']['hardening-conf'] = '/etc/mysql/conf.d/hardening.cnf'
7 changes: 3 additions & 4 deletions attributes/hardening.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
# encoding: utf-8
#
# Cookbook Name:: mysql-hardening
# Cookbook:: mysql-hardening
# Attributes:: default
#
# Copyright 2014, Christoph Hartmann
# Copyright 2014, Deutsche Telekom AG
# Copyright:: 2014, Christoph Hartmann
# Copyright:: 2014, Deutsche Telekom AG
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand Down
9 changes: 2 additions & 7 deletions metadata.rb
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
# encoding: utf-8
#
# Copyright 2014, Deutsche Telekom AG
# Copyright:: 2014, Deutsche Telekom AG
#
# Licensed under the Apache License, Version 2.0 (the 'License');
# you may not use this file except in compliance with the License.
Expand All @@ -18,16 +17,12 @@
name 'mysql-hardening'
maintainer 'Christoph Hartmann'
maintainer_email '[email protected]'
license 'Apache v2.0'
license 'Apache-2.0'
description 'Installs and configures a secure mysql server'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version '1.2.1'

depends 'mysql', '~>5.0'

recipe 'mysql-hardening::default', 'installs a hardened mysql server'
recipe 'mysql-hardening::server', 'installs a hardened mysql server'

supports 'amazon'
supports 'redhat'
supports 'centos'
Expand Down
9 changes: 4 additions & 5 deletions recipes/default.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
# encoding: utf-8
#
# Cookbook Name: mysql-hardening
# Cookbook:: Name: mysql-hardening
# Recipe: default
#
# Copyright 2014, Deutsche Telekom AG
# Copyright 2016, Christoph Hartmann
# Copyright:: 2014, Deutsche Telekom AG
# Copyright:: 2016, Christoph Hartmann
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -19,4 +18,4 @@
# limitations under the License.
#

include_recipe('mysql-hardening::hardening')
include_recipe 'mysql-hardening::hardening'
7 changes: 3 additions & 4 deletions recipes/hardening.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,9 @@
# encoding: utf-8
#
# Cookbook Name: mysql-hardening
# Cookbook:: Name: mysql-hardening
# Recipe: hardening.rb
#
# Copyright 2014, Deutsche Telekom AG
# Copyright 2016, Christoph Hartmann
# Copyright:: 2014, Deutsche Telekom AG
# Copyright:: 2016, Christoph Hartmann
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand Down
4 changes: 1 addition & 3 deletions spec/spec_helper.rb
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
# encoding: utf-8
#
# Copyright 2014, Deutsche Telekom AG
# Copyright:: 2014, Deutsche Telekom AG
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -21,4 +20,3 @@

# coverage report
Coveralls.wear!
at_exit { ChefSpec::Coverage.report! }
2 changes: 0 additions & 2 deletions spec/unit/recipes/default_spec.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
# encoding: utf-8

require 'spec_helper'

describe 'mysql-hardening::default' do
Expand Down
14 changes: 6 additions & 8 deletions spec/unit/recipes/hardening_spec.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
# encoding: utf-8

require 'spec_helper'

describe 'mysql-hardening::hardening' do
Expand All @@ -8,25 +6,25 @@
end

it 'should create a my.cnf file and protect it' do
expect(chef_run).to create_file(chef_run.node['mysql-hardening']['mysql-conf']).
with(
expect(chef_run).to create_file(chef_run.node['mysql-hardening']['mysql-conf'])
.with(
mode: '600',
owner: 'root',
group: 'root'
)
end

it 'should create a hardening.cnf with the hardening configuration from a template' do
expect(chef_run).to create_template(chef_run.node['mysql-hardening']['hardening-conf']).
with(
expect(chef_run).to create_template(chef_run.node['mysql-hardening']['hardening-conf'])
.with(
owner: chef_run.node['mysql-hardening']['user'],
mode: '750'
)
end

it 'should create the data directory and ensure permission' do
expect(chef_run).to create_directory(chef_run.node['mysql']['data_dir']).
with(
expect(chef_run).to create_directory(chef_run.node['mysql']['data_dir'])
.with(
owner: chef_run.node['mysql-hardening']['user'],
mode: '755'
)
Expand Down