Sfoglia il codice sorgente
Merge pull request #9 from myii/ci/replace-eol-pre-salted-images
refactor(kitchen+inspec): move inline pillar to filetags/v0.4.1
Imran Iqbal
5 anni fa
2 ha cambiato i file con 35 aggiunte e 34 eliminazioni
+ 2
- 34
kitchen.yml
Vedi File
| @@ -123,40 +123,8 @@ provisioner: | |||
| base: | |||
| '*': | |||
| - ufw | |||
| ufw.sls: | |||
| ufw: | |||
| enabled: True | |||
| settings: | |||
| loglevel: 'low' | |||
| applications: | |||
| MySQL: | |||
| comment: Allow MySQL | |||
| Postgresql: | |||
| limit: True | |||
| comment: Limit Postgresql | |||
| SSH223: | |||
| deny: True | |||
| comment: Deny Webscale SSH | |||
| '*': | |||
| deny: True | |||
| from_addr: 10.0.0.0/8 | |||
| services: | |||
| '*': | |||
| deny: True | |||
| from_addr: | |||
| - 10.0.0.1 | |||
| - 10.0.0.2 | |||
| '22': | |||
| protocol: tcp | |||
| limit: True | |||
| comment: Limit SSH | |||
| '80': | |||
| protocol: tcp | |||
| deny: True | |||
| comment: Deny HTTP | |||
| '443': | |||
| protocol: tcp | |||
| comment: Allow HTTPS | |||
| pillars_from_files: | |||
| ufw.sls: test/salt/pillar/default.sls | |||
| verifier: | |||
| # https://www.inspec.io/ | |||
+ 33
- 0
test/salt/pillar/default.sls
Vedi File
| @@ -0,0 +1,33 @@ | |||
| ufw: | |||
| enabled: True | |||
| settings: | |||
| loglevel: 'low' | |||
| applications: | |||
| MySQL: | |||
| comment: Allow MySQL | |||
| Postgresql: | |||
| limit: True | |||
| comment: Limit Postgresql | |||
| SSH223: | |||
| deny: True | |||
| comment: Deny Webscale SSH | |||
| '*': | |||
| deny: True | |||
| from_addr: 10.0.0.0/8 | |||
| services: | |||
| '*': | |||
| deny: True | |||
| from_addr: | |||
| - 10.0.0.1 | |||
| - 10.0.0.2 | |||
| '22': | |||
| protocol: tcp | |||
| limit: True | |||
| comment: Limit SSH | |||
| '80': | |||
| protocol: tcp | |||
| deny: True | |||
| comment: Deny HTTP | |||
| '443': | |||
| protocol: tcp | |||
| comment: Allow HTTPS | |||
Loading…