Remove aide puppet manifest

The aide puppet manifest is being removed because the heat template which invoked it has been converted to ansible. This change removes the aide manifest and spec files accordingly. Depends-On: I4479de4c157625be50fdbec33cbf43b30dd7558f Change-Id: I9d63a38298311909e615e51e1e46dcc35652b351 Signed-off-by: Kevin Carter <kecarter@redhat.com>
2019-05-28 10:41:06 -05:00 · 2019-05-28 10:41:06 -05:00 · a807661c4c
commit a807661c4c
parent 0ca8882dca
6 changed files with 4 additions and 376 deletions
--- a/manifests/profile/base/aide.pp
+++ b/manifests/profile/base/aide.pp
@ -1,79 +0,0 @@
-#########################################################################
-# Copyright (C) 2017 Red Hat Inc.
-#
-# Author: Luke Hinds  <lhinds@redhat.com>
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# == Class: tripleo::profile::base::aide
-#
-# Aide profile for TripleO
-#
-# === Parameters
-#
-# [*step*]
-#   (Optional) The current step in deployment. See tripleo-heat-templates
-#   for more details.
-#   Defaults to hiera('step')
-#
-# [*aide_conf_path*]
-#   The aide configuration file to use for rules and db path
-#   Defaults to hiera('aide_conf_path', '/etc/aide.conf')
-#
-# [*aide_db_path*]
-#   (Optional) The location of AIDE's integrity database file
-#   Defaults to hiera('aide_db_path', '/var/lib/aide/aide.db')
-#
-# [*aide_db_temp_path*]
-#   (Optional) The staging location during integrity database creation
-#   Defaults to hiera('aide_db_temp_path', '/var/lib/aide/aide.db.new')
-#
-# [*aide_rules*]
-#   A hiera based hash of aides integrity rules
-#   Defaults to  hiera('rules', {})
-#
-class tripleo::profile::base::aide (
-  $step              = Integer(hiera('step')),
-  $aide_conf_path    = hiera('aide_conf_path', '/etc/aide.conf'),
-  $aide_db_path      = hiera('aide_db_path', '/var/lib/aide/aide.db'),
-  $aide_db_temp_path = hiera('aide_db_temp_path', '/var/lib/aide/aide.db.new'),
-  $aide_rules        = hiera('aide_rules', {})
-) {
-
-  if $step >=5 {
-    package { 'aide':
-      ensure => 'present'
-    }
-
-    contain ::tripleo::profile::base::aide::installdb
-
-    concat { 'aide.conf':
-      path           => $aide_conf_path,
-      owner          => 'root',
-      group          => 'root',
-      mode           => '0600',
-      ensure_newline => true,
-      require        => Package['aide']
-    }
-
-    concat::fragment { 'aide.conf.header':
-      target  => 'aide.conf',
-      order   => 0,
-      content => template( 'tripleo/aide/aide.conf.erb')
-    }
-
-    create_resources('tripleo::profile::base::aide::rules', $aide_rules)
-
-    contain ::tripleo::profile::base::aide::cron
-  }
-}
--- a/manifests/profile/base/aide/cron.pp
+++ b/manifests/profile/base/aide/cron.pp
@ -1,78 +0,0 @@
-#########################################################################
-# Copyright 2017 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# == Class: tripleo::profile::base::aide::cron
-#
-# Aide cron profile for tripleo
-#
-# === Parameters
-#
-# [*step*]
-#   (Optional) The current step in deployment. See tripleo-heat-templates
-#   for more details.
-#   Defaults to hiera('step')
-#
-# [*aide_command*]
-#   Path to aide binary
-#
-# [*aide_cron_user*]
-#   User for cron job to run aide
-#   Defaults to 'root'
-#
-# [*aide_hour*]
-#   The hour value used for cron entry
-#   Defaults to 3
-#
-# [*aide_minute*]
-#   The minute value used for cron entry
-#   Defaults to 0
-#
-# [*aide_email*]
-#   Send AIDE reports generated with cron job to this email address
-#   Defaults to undef
-#
-# [*aide_mua_path*]
-#   Use the following path to a MUA client to send email
-#   Defaults to mailx
-#
-class tripleo::profile::base::aide::cron (
-  $step           = Integer(hiera('step')),
-  $aide_command   = '/usr/sbin/aide',
-  $aide_cron_user = hiera('aide_cron_user', 'root'),
-  $aide_hour      = hiera('aide_hour', 3),
-  $aide_minute    = hiera('aide_minute', 0),
-  $aide_email     = hiera('aide_email', undef),
-  $aide_mua_path  = hiera('aide_mua_path', '/bin/mailx')
-  ) {
-
-  include ::tripleo::profile::base::aide
-
-  if '@' in $aide_email {
-    $cron_entry = "${aide_command} --check --config ${::tripleo::profile::base::aide::aide_conf_path} | ${aide_mua_path} \
-s \"\$HOSTNAME - AIDE integrity check\" ${aide_email}"
-  }
-  else {
-    $cron_entry = "${aide_command} --check --config ${::tripleo::profile::base::aide::aide_conf_path} \
-> /var/log/audit/aide_`date +%Y-%m-%d`.log"
-  }
-
-  cron { 'aide':
-    command => $cron_entry,
-    user    => $aide_cron_user,
-    hour    => $aide_hour,
-    minute  => $aide_minute,
-    require => [Package['aide'], Exec['install aide db']]
-  }
-}
--- a/manifests/profile/base/aide/installdb.pp
+++ b/manifests/profile/base/aide/installdb.pp
@ -1,56 +0,0 @@
-#########################################################################
-# Copyright 2017 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# == Class: tripleo::profile::base::aide::installdb
-#
-# Aide profile for tripleo
-#
-# === Parameters
-#
-# [*step*]
-#   (Optional) The current step in deployment. See tripleo-heat-templates
-#   for more details.
-#   Defaults to hiera('step')
-#
-class tripleo::profile::base::aide::installdb (
-  $step = Integer(hiera('step')),
-  ) {
-
-  include ::tripleo::profile::base::aide
-
-  exec { 'aide init':
-    path        =>  '/usr/sbin/',
-    command     => "aide --init --config ${::tripleo::profile::base::aide::aide_conf_path}",
-    user        => 'root',
-    refreshonly => true,
-    subscribe   => Concat['aide.conf']
-  }
-
-  exec { 'install aide db':
-    path        =>  '/bin/',
-    command     => "cp -f ${::tripleo::profile::base::aide::aide_db_temp_path} ${::tripleo::profile::base::aide::aide_db_path}",
-    user        => 'root',
-    refreshonly => true,
-    subscribe   => Exec['aide init']
-  }
-
-  file { $::tripleo::profile::base::aide::aide_db_path:
-    ensure  => present,
-    owner   => root,
-    group   => root,
-    mode    => '0600',
-    require => Exec['install aide db']
-  }
-}
--- a/manifests/profile/base/aide/rules.pp
+++ b/manifests/profile/base/aide/rules.pp
@ -1,61 +0,0 @@
-#########################################################################
-# Copyright 2017 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# == Class: tripleo::profile::base::aide::rules
-#
-# Aide rules hash profile for tripleo
-#
-# === Parameters
-#
-# [*step*]
-#   (Optional) The current step in deployment. See tripleo-heat-templates
-#   for more details.
-#   Defaults to hiera('step')
-#
-# [*content*]
-#   Used by concat to populate aide.conf
-#
-# [*body*]
-#   Used by concat to populate aide conf file
-#
-# [*order*]
-# Specifies a method for sorting fragments by name within aide conf file
-#
-define tripleo::profile::base::aide::rules (
-  $step    = Integer(hiera('step')),
-  $content = '',
-  $order   = 10,
-) {
-
-  include ::tripleo::profile::base::aide
-
-  if $content == '' {
-    $body = $name
-  } else {
-    $body = $content
-  }
-
-  if (!is_numeric($order) and !is_string($order))
-  {
-    fail('$order must be a string or an integer')
-  }
-  validate_legacy(String, 'validate_string', $body)
-
-  concat::fragment{ "aide_fragment_${name}":
-    target  => 'aide.conf',
-    order   => $order,
-    content => $body,
-  }
-}
--- a/releasenotes/notes/aide-removed-14f41082b1424a53.yaml
+++ b/releasenotes/notes/aide-removed-14f41082b1424a53.yaml
@ -0,0 +1,4 @@
+---
+deprecations:
+  - The aide puppet manifest for `aide` was removed. The heat template
+    invoking this manifest has been converted to Ansible.
--- a/spec/classes/tripleo_profile_base_aide_spec.rb
+++ b/spec/classes/tripleo_profile_base_aide_spec.rb
@ -1,102 +0,0 @@
-# Copyright (C) 2017 Red Hat, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-
-require 'spec_helper'
-
-describe 'tripleo::profile::base::aide' do
-
-  shared_examples_for 'tripleo::profile::base::aide' do
-    before :each do
-      facts.merge!({ :step => params[:step] })
-    end
-
-    context 'with step less than 5' do
-      let(:params) { { :step => 1 } }
-
-      it 'should do nothing' do
-        is_expected.to contain_class('tripleo::profile::base::aide')
-        is_expected.to_not contain_class('tripleo::profile::base::aide::cron')
-        is_expected.to_not contain_class('tripleo::profile::base::aide::rules')
-        is_expected.to_not contain_class('tripleo::profile::base::aide::installdb')
-      end
-    end
-
-    context 'with step greater of 5' do
-      let(:params) { {
-          :step => 5
-      } }
-
-      it 'should configure aide' do
-        is_expected.to contain_class('tripleo::profile::base::aide')
-        is_expected.to contain_class('tripleo::profile::base::aide::cron')
-        is_expected.to contain_class('tripleo::profile::base::aide::installdb')
-        is_expected.to_not contain_class('tripleo::profile::base::aide::rules')
-      end
-
-      it 'should concat aide.conf' do
-        is_expected.to contain_concat('aide.conf').with({
-           "ensure" => "present",
-           "ensure_newline" => "true",
-           "owner"=>"root",
-           "group"=>"root",
-           "mode"=>"0600"})
-      end
-
-      it 'should concat fragment aide.conf' do
-        should contain_concat__fragment('aide.conf.header').with({
-          :target => 'aide.conf'
-        })
-      end
-
-      it 'should initiate aide database' do
-        should contain_exec('aide init').with({
-          :command => "aide --init --config /etc/aide.conf"
-       })
-      end
-
-      it 'should set new database to main database' do
-        should contain_exec('install aide db').with({
-          :command => "cp -f /var/lib/aide/aide.db.new /var/lib/aide/aide.db"
-       })
-      end
-
-      it 'should contain database file' do
-        should contain_file('/var/lib/aide/aide.db').with({
-        'ensure' => 'present',
-        'owner'  => 'root',
-        'group'  => 'root',
-        'mode'   => '0600'
-       })
-      end
-
-      it 'should configure cron' do
-        should contain_cron('aide').with({
-          :user => 'root',
-          :hour => 3,
-          :minute => 0
-        })
-      end
-    end
-  end
-
-  on_supported_os.each do |os, facts|
-    context "on #{os}" do
-      let (:facts) {
-        facts
-      }
-        it_behaves_like 'tripleo::profile::base::aide'
-    end
-  end
-end