Merge pull request #11 from effective-spoons/coexisting_agents

Allowing for co-existing Axon agents

.kitchen.yml

@@ -221,6 +221,26 @@ suites:
           registration_key: '123PAs5W0rD'
         tags: { 'tagset1': 'tag1a' , 'tagset2': [ 'tag2a', 'tag2b' ],'tagset3': [ 'tag3a', 'tag3b', 'tag3c' ] }
 
+  - name: ip360-lnx-basic
+    run_list:
+      - recipe[tripwire_agent::axon_agent]
+    verifier:
+      inspec_tests:
+        - test/smoke/axon-ip360
+    excludes:
+      - win2k12r2
+      - debian9
+      - ubuntu1604
+    attributes:
+      tripwire_agent:
+        installer: '/path/to/axon-agent-installer-linux-x64.rpm'
+        axon:
+          bridge: 'tw-bridge.example.com'
+          registration_key: '123PAs5W0rD'
+          install_directory: '/opt/tripwire/agent-ip360'
+          config_directory: '/etc/tripwire-ip360'
+          service_name: 'tw-axon-agent-ip360'
+
   - name: axon-lnx-noeg
     run_list:
       - recipe[tripwire_agent::axon_agent]
@@ -304,6 +324,25 @@ suites:
           registration_key: '123PAs5W0rD'
         tags: { 'tagset1': 'tag1a' , 'tagset2': [ 'tag2a', 'tag2b' ],'tagset3': [ 'tag3a', 'tag3b', 'tag3c' ] }
 
+  - name: ip360-deb-basic
+    run_list:
+      - recipe[tripwire_agent::axon_agent]
+    verifier:
+      inspec_tests:
+        - test/smoke/axon-ip360
+    excludes:
+      - a_windows_type
+      - a_centos_type
+    attributes:
+      tripwire_agent:
+        installer: '/path/to/axon-agent-installer-linux-x64.deb'
+        axon:
+          bridge: 'tw-bridge.example.com'
+          registration_key: '123PAs5W0rD'
+          install_directory: '/opt/tripwire/agent-ip360'
+          config_directory: '/etc/tripwire-ip360'
+          service_name: 'tw-axon-agent-ip360'
+
   - name: axon-deb-noeg
     run_list:
       - recipe[tripwire_agent::axon_agent]

CHANGELOG.md

@@ -1,5 +1,19 @@
 # tripwire_agent Cookbook CHANGELOG
 
+## 0.1.5 (TBD)
+
+Expanding axon's resources to support co-existing agents for TE, TLC, and IP360
+Added service_name, install_directory, and config_directory property to allow
+users to set the paths necessary for proper configuration of the agent.
+
+- Inspec tests added for IP360's path changes
+- Updated README
+
+Fixes to enable axon to be used as a resource in other cookbooks:
+- Template resource now includes the cookbook name
+- Set proxy_hostname to nil (not sure why I changed it to string)
+  - fix in both the template and attributes
+
 ## 0.1.4 (2017-10-27)
 
 Resolved nil issue when using the Java agent resource

README.md

@@ -21,6 +21,8 @@ This cookbook provides resources for the installation of Tripwire Enterprise Axo
 | `eg_driver_installer` | Defines the path to the installer package for the axon EG driver installer (linux/debian only) | String |
 | `eg_service_installer` | Defines the path to the installer package for the axon EG service installer (linux/debian only) | String |
 | `install_directory` | Install path for the Axon agent (current not in use) | String |
+| `config_directory` | Configuration directory, for IP360 and TLC Axon agents | String |
+| `service_name` | Service name for the IP360 and TLC Axon Agents | String |
 | `dns_srvc_name` | Sets the DNS pointer for the Bridge service | String |
 | `dns_srvc_domain` | Sets the DNS domain for the pointer | String |
 | `bridge_auth_mode` | Registration type, password or PKI | String |
@@ -106,6 +108,8 @@ This cookbook provides resources for the installation of Tripwire Enterprise Axo
 | ['tripwire_agent']['java']['install_directory'] | String | Modifies the default installation directory for the agent | Windows: C:\Program Files\Tripwire\TE\Agent Linux: /usr/local/tripwire/te/agent | No | - |
 | ['tripwire_agent']['axon']['eg_driver_installer'] | String | Event Generator installer for linux | nil | - | No |
 | ['tripwire_agent']['axon']['eg_service_installer'] | String | Event Generator service installer for linux | nil | - | No |
+| ['tripwire_agent']['axon']['service_name'] | String | Service name for Axon | tripwire-axon-agent | true | - | No |
+| ['tripwire_agent']['axon']['config_directory'] | String | Path to the configuration directory for Axon | /etc/tripwire | true | - | No |
 | ['tripwire_agent']['axon']['bridge'] | String | Hostname or IP of the bridge server | nil | - | Yes |
 | ['tripwire_agent']['axon']['bridge_port'] | Integer | Bridge port listening for Axon agents | 5670 | - | No |
 | ['tripwire_agent']['axon']['dns_srvc_name'] | String | PTR used by axon to connect to the bridge | _tw_gw | No | No |

attributes/default.rb

@@ -1,6 +1,6 @@
 default['tripwire_agent']['installer'] = nil
 default['tripwire_agent']['tags'] = {}
-default['tripwire_agent']['proxy_hostname'] = ''
+default['tripwire_agent']['proxy_hostname'] = nil
 default['tripwire_agent']['proxy_port'] = 1080
 default['tripwire_agent']['install_rtm'] = true
 default['tripwire_agent']['rtm_port'] = 1169
@@ -39,3 +39,21 @@
 default['tripwire_agent']['axon']['cipher_suites'] = nil
 default['tripwire_agent']['axon']['spool_size'] = '1g'
 default['tripwire_agent']['axon']['clean'] = true
+default['tripwire_agent']['axon']['config_directory'] =
+  if node['platform'] == 'windows'
+    'C:\ProgramData\Tripwire\Agent\config'
+  else
+    '/etc/tripwire'
+  end
+default['tripwire_agent']['axon']['install_directory'] =
+  if node['platform'] == 'windows'
+    'C:\Program Files\Tripwire\Agent'
+  else
+    '/opt/tripwire'
+  end
+default['tripwire_agent']['axon']['service_name'] =
+  if node['platform'] == 'windows'
+    'TripwireAxonAgent'
+  else
+    'tripwire-axon-agent'
+  end

metadata.rb

@@ -4,7 +4,7 @@
 license 'Apache-2.0'
 description 'Installs/Configures tripwire_agent'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.1.4'
+version '0.1.5'
 chef_version '>= 12.12.15' if respond_to?(:chef_version)
 
 source_url 'https://github.com/Tripwire/chef-tripwire_agent'

recipes/axon_agent.rb

@@ -8,6 +8,9 @@
   eg_install node['tripwire_agent']['axon']['eg_install']
   eg_driver_installer node['tripwire_agent']['axon']['eg_driver_installer']
   eg_service_installer node['tripwire_agent']['axon']['eg_service_installer']
+  install_directory node['tripwire_agent']['axon']['install_directory']
+  config_directory node['tripwire_agent']['axon']['config_directory']
+  service_name node['tripwire_agent']['axon']['service_name']
   dns_srvc_name node['tripwire_agent']['axon']['dns_srvc_name']
   dns_srvc_domain node['tripwire_agent']['axon']['dns_srvc_domain']
   bridge_auth_mode node['tripwire_agent']['axon']['bridge_auth_mode']

resources/axon.rb

@@ -1,7 +1,6 @@
 property :installer,              [String, nil], name_property: true
 property :eg_driver_installer,    [String, nil], default: nil
 property :eg_service_installer,   [String, nil], default: nil
-property :install_directory,      [String, nil], default: nil
 property :eg_install,             [true, false], default: true
 property :dns_srvc_name,          String, default: '_tw_gw'
 property :dns_srvc_domain,        [String, nil], default: nil
@@ -21,6 +20,15 @@
 property :start_service,          [true, false], default: true
 property :clean,                  [true, false], default: true
 property :tags,                   Hash, default: {}
+if node['platform'] == 'windows'
+  property  :install_directory,   String,   default: 'C:\Program Files\Tripwire\Agent'
+  property  :config_directory,    String,   default: 'C:\ProgramData\Tripwire\Agent'
+  property  :service_name,        String,   default: 'TripwireAxonAgent'
+else
+  property  :install_directory,   String,   default: '/opt/tripwire/agent'
+  property  :config_directory,    String,   default: '/etc/tripwire'
+  property  :service_name,        String,   default: 'tripwire-axon-agent'
+end
 
 default_action :install
 
@@ -51,23 +59,20 @@
   case node['platform']
   when  'centos', 'redhat', 'suse', 'oraclelinux'
     ext = '.rpm'
-    service_name = 'tripwire-axon-agent'
     eg_service_name = 'tw-eg-service'
-    config_path = '/etc/tripwire'
   when 'debian', 'ubuntu'
     ext = '.deb'
-    service_name = 'tripwire-axon-agent'
     eg_service_name = 'tw-eg-service'
-    config_path = '/etc/tripwire'
   when 'windows'
     ext = '.msi'
-    service_name = 'TripwireAxonAgent'
     eg_service_name = 'TripwireEventGeneratorService'
-    config_path = 'C:\ProgramData\Tripwire\Agent\config'
   else
     raise 'Unknown platform detected, Aborting run.'
   end
 
+  service_name = new_resource.service_name
+  config_path = new_resource.config_directory
+
   # Create configuration directory
   directory config_path do
     recursive true
@@ -78,6 +83,7 @@
   template config_path + '/twagent.conf' do
     source 'twagent.erb'
     variables(template_hash)
+    cookbook 'tripwire_agent'
   end
 
   # Create registry key file if enabled

templates/twagent.erb

@@ -22,7 +22,7 @@ keystore.password=<%= @keystore_password %>
 bridge.auth.mode=registration
 registration.file.name=<%= @registration_filename %>
 <% end -%>
-<% if !@proxy_hostname.empty? -%>
+<% if @proxy_hostname -%>
 # Proxy settings
 socks5.host=<%= @proxy_hostname %>
 socks5.port=<%= @proxy_port %>

test/smoke/axon-ip360/axon_agent_test.rb

@@ -0,0 +1,58 @@
+# # encoding: utf-8
+
+# Inspec test for recipe tripwire_agent::axon_agent
+
+# The Inspec reference, with examples and extensive documentation, can be
+# found at http://inspec.io/docs/reference/resources/
+
+if os.windows?
+  config_dir = 'C:\ProgramData\Tripwire\agent\config'
+  config_file = config_dir + '\twagent.conf'
+  reg_key_file = config_dir + '\registration_pre_shared_key.txt'
+  pkg_name = 'tw-axon-agent-ip360'
+  srvc_nme = 'Tripwire Axon Agent for IP360'
+else
+  config_dir = '/etc/tripwire-ip360'
+  config_file = config_dir + '/twagent.conf'
+  reg_key_file = config_dir + '/registration_pre_shared_key.txt'
+  pkg_name = 'tw-axon-agent-ip360'
+  srvc_nme = 'tw-axon-agent-ip360'
+end
+
+# Axon config directory should exist
+describe directory(config_dir) do
+  it { should exist }
+end
+
+# Configuration file should exist and have the bridge, port, and spool size set
+describe file(config_file) do
+  it { should exist }
+  its('content') { should match /bridge\.host=tw-bridge\.example.com/ }
+  its('content') { should match /bridge\.port=5670/ }
+  its('content') { should match /spool.size.max=1g/ }
+
+  # Following should not exist in the file
+  its('content') { should_not match /dns\.service\.name=bridge/ }
+  its('content') { should_not match /dns\.service\.domain=example\.com/ }
+  its('content') { should_not match /socks5\.*/}
+  its('content') { should_not match /tls\.version*/ }
+  its('content') { should_not match /tls\.cipher\.suites*/ }
+end
+
+# Axon agents registration key should exist and contain the test password
+describe file(reg_key_file) do
+  it { should exist }
+  its('content') { should match /123PAs5W0rD/ }
+end
+
+# Axon agent should be installed
+describe package(pkg_name) do
+  it { should be_installed }
+end
+
+# Axon service should be running
+describe service(srvc_nme) do
+  it { should be_installed }
+  it { should be_enabled }
+  it { should be_running }
+end