docker support

Author: Sebastian Gumprich

.kitchen.vagrant.yml

@@ -0,0 +1,57 @@
+---
+driver:
+  name: vagrant
+provisioner:
+  name: ansible_playbook
+  test_repo_uri: https://github.com/hardening-io/tests-mysql-hardening.git
+  hosts: all
+  playbook: default.yml
+  require_ansible_repo: false
+  require_ansible_omnibus: true
+  requirements_path: requirements.yml
+  ansible_verbose: true
+  ansible_diff: true
+  roles_path: ../ansible-mysql-hardening/
+
+platforms:
+- name: ubuntu-12.04
+  driver_config:
+    box: opscode-ubuntu-12.04
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-12.04_chef-provisionerless.box
+- name: ubuntu-14.04
+  driver_config:
+    box: opscode-ubuntu-14.04
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box
+- name: centos-6.4
+  driver_config:
+    box: opscode-centos-6.4
+    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
+- name: centos-6.5
+  driver_config:
+    box: opscode-centos-6.5
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
+- name: oracle-6.4
+  driver_config:
+    box: oracle-6.4
+    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel64-64.box
+- name: oracle-6.5
+  driver_config:
+    box: oracle-6.5
+    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
+- name: debian-6
+  driver_config:
+    box: debian-6
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-6.0.10_chef-provisionerless.box
+- name: debian-7
+  driver_config:
+    box: debian-7
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-7.8_chef-provisionerless.box
+- name: debian-8
+  driver_config:
+    box: debian-8
+    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-8.1_chef-provisionerless.box
+suites:
+- name: ansible_1.9
+  provisioner:
+    ansible_version: 1.9.4
+- name: ansible_latest

.kitchen.yml

@@ -1,58 +1,59 @@
 ---
 driver:
-  name: vagrant
+  name: docker
+
+transport:
+  max_ssh_sessions: 5
+
 provisioner:
   name: ansible_playbook
-  test_repo_uri: https://github.com/hardening-io/tests-mysql-hardening.git
   hosts: all
-  playbook: default.yml
   require_ansible_repo: false
   require_ansible_omnibus: true
+  require_chef_for_busser: false
+  require_ruby_for_busser: false
   requirements_path: requirements.yml
   ansible_verbose: true
-  ansible_diff: true
   roles_path: ../ansible-mysql-hardening/
   sudo_command: 'sudo -E -H'
+  playbook: default.yml
 
 platforms:
 - name: ubuntu-12.04
-  driver_config:
-    box: opscode-ubuntu-12.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-12.04_chef-provisionerless.box
+  driver:
+    image: ubuntu:12.04
 - name: ubuntu-14.04
-  driver_config:
-    box: opscode-ubuntu-14.04
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box
-- name: centos-6.4
-  driver_config:
-    box: opscode-centos-6.4
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
-- name: centos-6.5
-  driver_config:
-    box: opscode-centos-6.5
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
-- name: oracle-6.4
-  driver_config:
-    box: oracle-6.4
-    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel64-64.box
-- name: oracle-6.5
-  driver_config:
-    box: oracle-6.5
-    box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
-- name: debian-6
-  driver_config:
-    box: debian-6
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-6.0.10_chef-provisionerless.box
+  driver:
+    image: ubuntu:14.04
+- name: ubuntu-16.04
+  driver:
+    image: ubuntu:16.04
+- name: centos-6.6
+  driver:
+    image: centos:6.6
+- name: centos-6.7
+  driver:
+    image: centos:6.7
+- name: centos-7
+  driver:
+    image: centos:7
+    privileged: true
+    run_command: /usr/sbin/init
 - name: debian-7
-  driver_config:
-    box: debian-7
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-7.8_chef-provisionerless.box
+  driver:
+    image: debian:7
 - name: debian-8
-  driver_config:
-    box: debian-8
-    box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_debian-8.1_chef-provisionerless.box
+  driver:
+    image: debian:8
+
+verifier:
+  name: inspec
+  sudo: true
+  inspec_tests:
+    - https://github.com/dev-sec/tests-mysql-hardening
+
 suites:
-- name: ansible_1.9
+- name: mysql-ansible_1.9
   provisioner:
     ansible_version: 1.9.4
-- name: ansible_latest
+- name: mysql-ansible_latest

Gemfile

@@ -4,26 +4,26 @@ source 'https://rubygems.org'
 
 group :test do
   gem 'rake'
-#  gem 'chefspec',   '~> 4.2.0'
   gem 'foodcritic', '~> 4.0'
   gem 'thor-foodcritic'
-#  gem 'rubocop',    '~> 0.28.0'
   gem 'coveralls',  require: false
 end
 
 group :development do
   gem 'guard'
   gem 'guard-rspec'
   gem 'guard-kitchen'
-#  gem 'guard-rubocop'
-#  gem 'guard-foodcritic'
 end
 
 group :integration do
-  gem 'test-kitchen', '~> 1.0'
+  gem 'test-kitchen', '~> 1.0', :git => 'https://github.com/test-kitchen/test-kitchen'
   gem 'kitchen-ansible'
   gem 'kitchen-vagrant'
+  gem 'kitchen-inspec'
   gem 'kitchen-sharedtests', '~> 0.2.0'
+  gem 'kitchen-sync'
+  gem 'kitchen-transport-rsync'
+  gem 'kitchen-docker'
 end
 
 group :openstack do

defaults/main.yml

@@ -7,7 +7,7 @@ mysql_hardening_group: 'root'
 mysql_datadir: '/var/lib/mysql'
 mysql_hardening_hardening_conf: '/etc/mysql/conf.d/hardening.cnf'
 # You have to change this to your own strong enough mysql root password
-mysql_root_password: '-----====>SetR00tPa$$wordH3r3!!!<====-----'
+mysql_root_password: 'root'
 # There .my.cnf with mysql root credentials will be installed 
 mysql_user_home: "{{ ansible_env.HOME}}"