Scott Ford smford22

## chef_local_development_workflow.md

      
              1 file
            
          
              13 forks
            
          
              0 comments
            
          
              28 stars
            
          
                smford22
                / chef_local_development_workflow.md
            
            
              Last active
              November 1, 2023 00:07
            
              
                Chef Local Development Workflow - ChefDK, Vagrant, VirtualBox, Test Kitchen
              
          
    Chef Local Development Workflow with ChefDK, Vagrant, VirtualBox, and Test Kitchen

Overview

The following document is intended to be a quick guide to getting you setup for doing local development with Chef. This guide was created on my MacBook, but should work fine with Linux, and Windows workstations as well.
Quick review on fundamental tenets of Chef


Workstation - A workstation is a computer that is configured to run various Chef command-line tools that synchronize with a chef-repo, author cookbooks, interact with the Chef server, interact with nodes, or applications like Chef Delivery
Node - A node is any machine—physical, virtual, cloud, network device, etc.—that is under management by Chef.
Chef Server- The Chef server acts as a hub for configuration data. The Chef server stores cookbooks, the policies that are applied to nodes, and metadata that describes each registered


## main.tf
/*
This is a test server definition for GCE+Terraform for GH-9564
*/

provider "google" {
  project = "${var.project}" // Your project ID here.
  region  = "${var.region}"
}

resource "google_compute_firewall" "gh-9564-firewall-externalssh" {

## install_docker_ubuntu_1804.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              0 stars
            
          
                smford22
                / install_docker_ubuntu_1804.md
            
            
              Last active
              August 14, 2021 17:24
            
              
                Kubernetes Setup on Ubuntu 18.04
              
          
    Setting Up Kubernetes on Ubuntu 18.04

This document is an overview of setting up a Kubernetes cluster on three Ubuntu 18.04 nodes. The three nodes are described as follows with the following components installed:
Kubernetes Components

Kubernetes is made up of multiple components that make up a cluster. Many of the components are actually pods in the cluster running under kube-system. The following components make up the k8s control plane
etcd

etcd is a synchronized data store for storing and sharing the cluster state across nodes in the cluster
kube-apiserver


## local_hab_workstation.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              3 stars
            
          
                smford22
                / local_hab_workstation.md
            
            
              Last active
              August 11, 2021 01:39
            
              
                Local Habitat Windows Workstation for Mac OS X with Vagrant and VirtualBox
              
          
    Local Habitat Windows Workstation for Mac OS X with Vagrant and VirtualBox

The following document describes how to setup a Mac OS X workstation for developing Habitat Packages for Windows using
Vagrant and  VirtualBox
Software Tools Prereqs:

Before you begin you should have the following tools installed on your Mac workstation:

Vagrant
VirtualBox
vagrant-reload plugin - Open a terminal and run the command vagrant plugin install vagrant-reload


## cve.rb
# Simple Inspec control
control 'cve-blah-blah-blah' do
  impact 1.0
  title 'Ensure our systems are not vulnerable to the blah blah blah cve'
  desc 'Blah Blah Blah VVE is dangerous'
  describe file('/tmp/blahblahblah') do
    it { should_not exist }
  end
end

## setup_hab.sh

curl https://raw.githubusercontent.com/habitat-sh/habitat/master/components/hab/install.sh | sudo bash
hab license accept

cat << EOF > /etc/systemd/system/hab-sup.service
[Unit]
Description=Habitat Supervisor

[Service]
ExecStartPre=/bin/bash -c /bin/systemctl

## password_policy.rb
title 'Password Policy'

control 'cis-enforce-password-history-1.1.1' do
  impact 0.7
  title '1.1.1 Set Enforce password history to 24 or more passwords'
  desc 'Set Enforce password history to 24 or more passwords'
  describe security_policy do
    its('PasswordHistorySize') { should be >= 24 }
  end
end

## run
#!/bin/bash

{{#if bind.database ~}}
export CATALINA_OPTS="-DMONGODB_SERVICE_HOST={{bind.database.first.sys.ip}} -DMONGODB_SERVICE_PORT={{bind.database.first.cfg.port}} -DMONGODB_DATABASE={{cfg.mongodb_database}}"
{{/if ~}}

export JAVA_HOME="{{pkgPathFor "core/jre8"}}"
export TOMCAT_HOME="{{pkgPathFor "core/tomcat8"}}/tc"
cp {{pkg.path}}/*.war $TOMCAT_HOME/webapps
exec ${TOMCAT_HOME}/bin/catalina.sh run

## plan.sh
pkg_name=national-parks
pkg_origin=<YOUR ORIGIN>
pkg_version="6.3.0"
pkg_maintainer="The Habitat Maintainers humans@habitat.sh"
pkg_license=("Apache-2.0")
pkg_deps=(core/tomcat8 core/jre8 core/mongo-tools)
pkg_build_deps=(core/jdk8/8u131 core/maven)
pkg_svc_user="root"
pkg_binds=(
  [database]="port"

## init
#!/bin/bash

ln -vsf {{pkg.svc_config_path}}/conf_server.xml {{pkgPathFor "core/tomcat8"}}/tc/conf/server.xml

{{#if bind.database ~}}
{{pkgPathFor "core/mongo-tools"}}/bin/mongoimport --drop -d demo -c nationalparks --type json --jsonArray --file {{pkg.path}}/national-parks.json --host={{bind.database.first.sys.ip}} --port={{bind.database.first.cfg.port}}
{{/if ~}}
	/*
	This is a test server definition for GCE+Terraform for GH-9564
	*/

	provider "google" {
	project = "${var.project}" // Your project ID here.
	region = "${var.region}"
	}

	resource "google_compute_firewall" "gh-9564-firewall-externalssh" {
	# Simple Inspec control
	control 'cve-blah-blah-blah' do
	impact 1.0
	title 'Ensure our systems are not vulnerable to the blah blah blah cve'
	desc 'Blah Blah Blah VVE is dangerous'
	describe file('/tmp/blahblahblah') do
	it { should_not exist }
	end
	end

	curl https://raw.githubusercontent.com/habitat-sh/habitat/master/components/hab/install.sh \| sudo bash
	hab license accept

	cat << EOF > /etc/systemd/system/hab-sup.service
	[Unit]
	Description=Habitat Supervisor

	[Service]
	ExecStartPre=/bin/bash -c /bin/systemctl
	title 'Password Policy'

	control 'cis-enforce-password-history-1.1.1' do
	impact 0.7
	title '1.1.1 Set Enforce password history to 24 or more passwords'
	desc 'Set Enforce password history to 24 or more passwords'
	describe security_policy do
	its('PasswordHistorySize') { should be >= 24 }
	end
	end
	#!/bin/bash

	{{#if bind.database ~}}
	export CATALINA_OPTS="-DMONGODB_SERVICE_HOST={{bind.database.first.sys.ip}} -DMONGODB_SERVICE_PORT={{bind.database.first.cfg.port}} -DMONGODB_DATABASE={{cfg.mongodb_database}}"
	{{/if ~}}

	export JAVA_HOME="{{pkgPathFor "core/jre8"}}"
	export TOMCAT_HOME="{{pkgPathFor "core/tomcat8"}}/tc"
	cp {{pkg.path}}/*.war $TOMCAT_HOME/webapps
	exec ${TOMCAT_HOME}/bin/catalina.sh run
	pkg_name=national-parks
	pkg_origin=<YOUR ORIGIN>
	pkg_version="6.3.0"
	pkg_maintainer="The Habitat Maintainers humans@habitat.sh"
	pkg_license=("Apache-2.0")
	pkg_deps=(core/tomcat8 core/jre8 core/mongo-tools)
	pkg_build_deps=(core/jdk8/8u131 core/maven)
	pkg_svc_user="root"
	pkg_binds=(
	[database]="port"
	#!/bin/bash

	ln -vsf {{pkg.svc_config_path}}/conf_server.xml {{pkgPathFor "core/tomcat8"}}/tc/conf/server.xml

	{{#if bind.database ~}}
	{{pkgPathFor "core/mongo-tools"}}/bin/mongoimport --drop -d demo -c nationalparks --type json --jsonArray --file {{pkg.path}}/national-parks.json --host={{bind.database.first.sys.ip}} --port={{bind.database.first.cfg.port}}
	{{/if ~}}