1
0
mirror of https://github.com/dev-sec/ansible-nginx-hardening.git synced 2024-11-22 23:51:57 +01:00
ansible-nginx-hardening/.kitchen.yml

117 lines
2.8 KiB
YAML
Raw Normal View History

2016-07-26 12:28:52 +02:00
---
driver:
name: docker
2016-07-26 16:30:59 +02:00
use_sudo: false
2017-01-21 21:21:06 +01:00
privileged: true
http_proxy: <%= ENV['http_proxy'] || nil %>
https_proxy: <%= ENV['https_proxy'] || nil %>
2016-07-26 12:28:52 +02:00
transport:
max_ssh_sessions: 5
provisioner:
name: ansible_playbook
hosts: all
require_ansible_repo: false
require_chef_for_busser: false
require_ruby_for_busser: false
ansible_verbose: true
ansible_diff: true
2018-11-18 10:00:00 +01:00
2016-07-26 12:28:52 +02:00
roles_path: ../ansible-nginx-hardening/
2017-01-21 21:21:06 +01:00
http_proxy: <%= ENV['http_proxy'] || nil %>
https_proxy: <%= ENV['https_proxy'] || nil %>
2018-08-15 18:16:50 +02:00
playbook: tests/test.yml
2017-01-21 21:21:06 +01:00
requirements_path: requirements.yml
2018-09-08 14:56:11 +02:00
galaxy_ignore_certs: true
2016-07-26 12:28:52 +02:00
platforms:
2017-01-21 21:21:06 +01:00
- name: centos6-ansible-latest
driver:
image: rndmh3ro/docker-centos6-ansible:latest
platform: centos
- name: centos7-ansible-latest
driver:
image: rndmh3ro/docker-centos7-ansible:latest
platform: centos
2018-08-15 18:16:50 +02:00
run_command: /sbin/init
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable sshd.service
2017-01-21 21:21:06 +01:00
- name: oracle6-ansible-latest
2016-07-26 12:28:52 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-oracle6-ansible:latest
platform: centos
- name: oracle7-ansible-latest
2016-07-26 12:28:52 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-oracle7-ansible:latest
2018-08-15 18:16:50 +02:00
run_command: /sbin/init
2017-01-21 21:21:06 +01:00
platform: centos
2018-08-15 18:16:50 +02:00
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable sshd.service
2017-01-21 21:21:06 +01:00
- name: ubuntu1404-ansible-latest
2016-07-26 12:28:52 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-ubuntu1404-ansible:latest
platform: ubuntu
- name: ubuntu1604-ansible-latest
2016-09-06 18:45:58 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-ubuntu1604-ansible:latest
platform: ubuntu
2018-08-15 18:16:50 +02:00
run_command: /sbin/init
provision_command:
- systemctl enable ssh.service
2018-10-11 09:33:01 +02:00
- name: ubuntu1804-ansible-latest
driver:
image: rndmh3ro/docker-ubuntu1804-ansible:latest
platform: ubuntu
run_command: /sbin/init
provision_command:
- systemctl enable ssh.service
2017-01-21 21:21:06 +01:00
- name: debian8-ansible-latest
2016-07-26 12:28:52 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-debian8-ansible:latest
platform: debian
- name: debian9-ansible-latest
2016-07-26 12:28:52 +02:00
driver:
2017-01-21 21:21:06 +01:00
image: rndmh3ro/docker-debian9-ansible:latest
platform: debian
2018-08-15 18:16:50 +02:00
run_command: /sbin/init
provision_command:
- apt install -y systemd-sysv
- systemctl enable ssh.service
- name: amazon-ansible-latest
driver:
image: rndmh3ro/docker-amazon-ansible:latest
platform: centos
run_command: /sbin/init
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable sshd.service
2016-07-26 12:28:52 +02:00
verifier:
name: inspec
sudo: true
inspec_tests:
- ../nginx-baseline
#- https://github.com/dev-sec/nginx-baseline
controls:
- nginx-01
- nginx-02
- nginx-03
- nginx-04
- nginx-05
- nginx-06
- nginx-07
- nginx-08
- nginx-09
- nginx-10
- nginx-12
- nginx-13
- nginx-14
- nginx-15
- nginx-17
2016-07-26 12:28:52 +02:00
suites:
2017-01-21 21:21:06 +01:00
- name: nginx