Agent2 updates (#32)

* start updating module for puppet 5.x and agent 2.0

* remove notifications

* no bundler up in there?

* maybe skip ruby 2.1 for now

* update rakefile and ditch puppet 4.8

* fix linting issues with chaining arrows

* use new style facts

* errant brace

* need to define os related facts in spec test

* hello, typo

* update facts for rhel like stuff

* something's not defined here in spec tests

* try top level scope here

* removed centos/rhel 6 spec test bits

updated metadata for agent 2.0 supported os versions

* fix spec to use stdlib functions

this requires a different test to see if the pkg is in the catalogue.

* 'run' is only available within 'describe' or 'context' groups

* if lsb bits aren't there, we don't get some os facts

feels like this is an old issue, but here's a reccent ticket: https://tickets.puppetlabs.com/projects/FACT/issues/FACT-1899?filter=allopenissues

* sudo train to success

* move this up to see if it works

* use the apt module instead

will have to clean up a bunch of these so they work and modify tests.

* maybe cleaned this up a little

* add those params for debian

* added back that gpg key param

not sure this is even needed now

* bump version and include apt dependency in fixtures

* add the osfamily fact to spec for apt

used in apt module

* add translate module dependency for tests

* fix apt spec facts

* add os release full fact to spec test

* nice typo, yo

* move defined type test to defines

add rspec-puppet-facts to save time. need to edit the apt spec test and
other stuff.

* no top scope there?

special var in play

* update repo for v2

add different setup/config commands. will sort out the correct execs
here and update tests to reflect these.

* updated travis conf and comments

* change config dir and add params

* errant spaces

* try skipping rvm installs with travis

not sure this will work or is even the way to go, but it might be
quicker.

* use confdir in config line

* missing comma

* update facts in init spec

* updated facts in config spec

* was that failing due to changed path?

* change repo url in yum spec

* add facts to pkg spec

* update specs

* errant brace

* match apt repo comment

* multiline content

this should be a defined type test instead.

* fix indent
gross

* fixed apt stuff

* fix facts in apt spec

* fixed typo

* fix config spec

needs more facts

* add more facts

* more facts for init spec

* add facts for redhat

* facts for config spec

* load it up with facts

* missing brace

* got your operatingsystem right here, buddy

* fix family

* add another debian fact

* move apt spec to defined type test

* move defined type tests to apt class test

* might need to pass params like this

* make it work

* config options have changed.

see if this works.

* loop over config args and such

* fix tabs

* fix config spec

had the old command in there

* have params match what apt class expects

* updated config class and other bits

* this might work for the apt spec test

* just name the release

* might've used the wrong resource type there

* changes those names, too

* fixed apt params

it's been awhile...

* skip the apt key test for now

* fix these spec tests

* more spec tinkering

* an extra space in there

* fix format of rulesets

* dupe it up

* have package inherit params, too

* test complained about an undefined thing

* change how options are passed

* make sure yaml is valid

* only use extra args if they're defined

* give this a try

please work, yo

* use the undef symbol instead

* make it work

i am retiring after this.

* this works?

* remove that param for great success

* this should skip config is no args are defined

i think that's what we want here.

* tests pass; yay

* added changelog, changed dates

* change reference to cloudsight

* remove ubuntu 14.04 from metadata

* updated readme

* removed feature plan param

Author: rockpapergoat

.fixtures.yml

@@ -3,3 +3,5 @@ fixtures:
     threatstack: "#{source_dir}"
   forge_modules:
     stdlib: "puppetlabs/stdlib"
+    apt: "puppetlabs/apt"
+    translate: "puppetlabs/translate"

.travis.yml

@@ -1,15 +1,16 @@
 language: ruby
+before_install:
+  - curl https://apt.puppetlabs.com/DEB-GPG-KEY-puppet | sudo apt-key add -
+  - curl -O https://apt.puppetlabs.com/puppet5-release-trusty.deb
+  - sudo dpkg -i puppet5-release-trusty.deb
+  - sudo apt-get update -q
+  - sudo apt-get install -y lsb-release puppet-agent
+  - /opt/puppetlabs/puppet/bin/gem install bundler
 bundler_args: "--without system_tests"
+before_script:
+  - export PATH=$PATH:/opt/puppetlabs/puppet/bin
 script: bundle install && bundle exec rake validate && bundle exec rake test SPEC_OPTS='--format documentation'
 cache: bundler
 sudo: required
-rvm:
-- 2.1.0
 env:
-- PUPPET_VERSION="~> 3.8.0"
-- PUPPET_VERSION="~> 4.6.0"
-- PUPPET_VERSION="~> 4.7.0"
-- PUPPET_VERSION="~> 4.8.0"
-notifications:
-  slack:
-    secure: fIRcyLQ5G7XmPV5n06Q4NPAiQ1E5VwsoL4GuwIZQ79/c85yxUXk7Y2rDVFnzjtJnWBZ4cTxbz1GATn0PmSDV6fEh5pS31nLwZ7LJUWfLz8Kr86XFTkJpo5fnUxik9BYIwx/WyxAhCtHinFxWS9S2MweABhsDX8vIEFcraASpdHs=
+- PUPPET_VERSION="~> 5.5.8"

CHANGELOG.md

@@ -0,0 +1,33 @@
+# Change log
+
+We'll track changes here starting with details about the 2.0 release and reference to earlier releases.
+
+## 2.0
+### This release tracks the release of the Threat Stack Agent 2.0
+
+### NOTE: To install/configure/run Threat Stack Agent < 2.0, please keep using the 1.8.1 release of this module. Module version 2.0 supports Threat Stack Agent 2.0 and above, only.
+
+### Changed
+- module depends on [puppetlabs/apt](https://github.com/puppetlabs/puppetlabs-apt) and [puppetlabs/stdlib](https://github.com/puppetlabs/puppetlabs-stdlib)
+- paths and `tsagent` related commands are changed to reflect new layout in packages
+- dropped support for TS Agent < 2.0 in this module
+- agent package repos are completely separate
+- supported OSes:
+  - Debian 8, 9
+  - Ubuntu 16.04, 18.04
+  - RedHat 7
+  - CentOS 7
+  - Amazon Linux
+- targets support for Puppet 5.x
+
+
+### Fixed
+- cleaned up code
+- used `apt_source` resource instead of `exec`s
+- updated spec tests
+
+## 1.8.1
+
+### Fixed
+- use `operatingsystem` fact to ensure Amazon Linux can install yum repos
+

Gemfile

@@ -3,18 +3,20 @@ source 'https://rubygems.org'
 source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 group :development, :unit_tests do
-  gem 'rake',                        :require => false
-  gem 'rspec-puppet', "2.2.0",       :require => false
-  gem 'puppetlabs_spec_helper',      :require => false
-  gem 'puppet-lint', "1.0.1",        :require => false
-  gem 'librarian-puppet',            :require => false
-  gem 'simplecov',                   :require => false
-  gem 'json',                        :require => false
-  gem 'puppet-syntax',               :require => false
-  gem 'metadata-json-lint', '0.0.4', :require => false
-  gem 'vagrant-wrapper',             :require => false
-  gem 'puppet-blacksmith',           :require => false
-  gem 'rest-client', ">=1.7.3",      :require => false
+  gem 'rake',                         :require => false
+  gem 'rspec-puppet', "2.7.2",        :require => false
+  gem 'puppetlabs_spec_helper',       :require => false
+  gem 'puppet-lint', "2.3.6",         :require => false
+  gem 'librarian-puppet',             :require => false
+  gem 'simplecov',                    :require => false
+  gem 'json',                         :require => false
+  gem 'puppet-syntax',                :require => false
+  gem 'metadata-json-lint', '2.2.0',  :require => false
+  gem 'vagrant-wrapper',              :require => false
+  gem 'puppet-blacksmith',            :require => false
+  gem 'rest-client', ">=1.7.3",       :require => false
+  gem 'semantic_puppet',              :require => false
+  gem 'rspec-puppet-facts', '~> 1.7', :require => false
 end
 group :system_tests do
   gem 'serverspec',      :require => false
@@ -32,7 +34,7 @@ end
 if puppetversion = ENV['PUPPET_VERSION']
   gem 'puppet', puppetversion, :require => false
 else
-  gem 'puppet', '3.8.2', :require => false
+    gem 'puppet', '5.5.8', :require => false
 end
 
 # vim:ft=ruby

README.md

@@ -18,6 +18,7 @@ Platforms
 
 * Amazon Linux
 * CentOS
+* Debian
 * RedHat
 * Ubuntu
 
@@ -36,25 +37,27 @@ Parameters
 =====
 
 * `threatstack::deploy_key` [required] - Set the deploy key for registering the agent.
-* `threatstack::feature_plan` [required] - Threat Stack feature plan package. (https://www.threatstack.com/plans)
-  * `investigate` - Investigate plan.
-  * `monitor` - Monitor tier plan.
-  * `legacy` - Legacy Basic, Advanced, and Pro plans.
-* `threatstack::ruleset` [optional array] - Set the ruleset or rulesets the node will be added to (Defaults to 'Base Rule Set').
+* `threatstack::rulesets` [optional array] - Set the ruleset or rulesets the node will be added to (Default: 'Base Rule Set').
 * `threatstack::configure_agent` [optiona bool] - Set to false to just install agent without configuring. Useful for image building.
-* `threatstack::agent_config_args` [optional string] - Extra arguments to pass during agent activation.  Useful for enabling new platform features.
+* `threatstack::agent_config_args` [optional array of hashes] - Extra arguments to pass during agent activation. Useful for enabling new platform features.
+* `threatstack::extra_args` [optional array of hashes] - optional array of hashes to define setup options for the threatstack agent (Default: `undef`)
+* `threatstack::confdir` [optional string] - path to config directory for the threatstack service (Default: '/opt/threatstack/etc')
+* `threatstack::ts_hostname` [optional string] - hostname of your node (Default: `$::fqdn`)
+* `threatstack::gpg_key` [optional string] - gpg key url for use with yum/apt repos (Default: set in `threatstack::params` based on operating system)
+* `threatstack::package_version` [optional string] - version of the `threatstack-agent` package to install (Default: `installed`)
+* `threatstack::repo_class` [optional string] - name of puppet class that configures the threatstack package repo (Default: either `threatstack::apt` or `threatstack::yum`, set in `threatstack::params` based on operating system)
+* `threatstack::repo_url` [optional string] - url used by threatstack package repo (Default: defined in `threatstack::params` for Debian and RedHat operating system families.)
 
 Example usage
 =====
-Below are some examples for how to use module.
+Below are some examples for how to use this module.
 
 Standard usage
 ===
-Supply a your Threat Stack deploy key, and if you choose, an array of rulesets.
+Supply your Threat Stack deploy key, and if you choose, an array of rulesets.
 ```
 class { '::threatstack':
   deploy_key    => 'MyDeployKey',
-  feature_plan  => 'investigate',
   ruleset       => ['MyRuleset']
 }
 ```
@@ -64,7 +67,6 @@ If you manage your own package repository from which you deploy the agent packag
 ```
 class { '::threatstack':
   deploy_key    => 'MyDeployKey',
-  feature_plan  => 'monitor',
   ruleset       => ['MyRuleset'],
   repo_url      => 'https://my-mirror.example.com/centos-6'
   gpg_key       => 'https://my-mirror.example.com/RPM-GPG-KEY-THREATSTACK'
@@ -93,4 +95,3 @@ Integration testing requires setting `TS_DEPLOY_KEY` in the environment to a val
 export TS_DEPLOY_KEY='<deploy_key>'
 bundle exec kitchen test
 ```
-

Rakefile

@@ -6,9 +6,10 @@ exclude_paths = [
   'pkg/**/*',
   'vendor/**/*',
   'spec/**/*',
+  'pkg/**/*',
 ]
 
-PuppetLint.configuration.log_format = '%{path}:%{linenumber}:%{check}:%{KIND}:%{message}'
+# PuppetLint.configuration.log_format = '%{path}:%{linenumber}:%{check}:%{KIND}:%{message}'
 PuppetLint.configuration.ignore_paths = exclude_paths
 PuppetLint.configuration.send('disable_80chars')
 PuppetLint.configuration.send('disable_autoloader_layout')

data/common.yaml

@@ -0,0 +1,9 @@
+---
+threatstack::params:
+  ts_package: 'threatstack-agent'
+  ts_service: 'threatstack'
+  package_version: 'installed'
+  rulesets: ['Base Rule Set']
+  extra_args: undef
+  cloudsight_bin: '/usr/bin/tsagent'
+  confdir: '/opt/threatstack/etc'

data/os/Amazon.yaml

@@ -0,0 +1,4 @@
+---
+threatstack::params:
+    repo_class: '::threatstack::yum'
+    gpg_key: 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK'

data/os/CentOS.yaml

@@ -0,0 +1,4 @@
+---
+threatstack::params:
+    repo_class: '::threatstack::yum'
+    gpg_key: 'https://app.threatstack.com/RPM-GPG-KEY-THREATSTACK'

data/os/Debian.yaml

@@ -0,0 +1,5 @@
+---
+threatstack::params:
+    repo_class: '::threatstack::apt'
+    gpg_key: 'https://app.threatstack.com/APT-GPG-KEY-THREATSTACK'
+