luckylittle · August 22, 2019 04:17
diff --git a/bamboo.yml b/bamboo.yml
 ---
 # Continuous integration powered by Atlassian Bamboo version 6.7.2 build 60706
 # Version: Thu Aug 22 04:15:02 UTC 2019
 project:
  key: ENIX
  plan:
    key: INSPEC
    name: inspec-cis-profile

 # List of plan's stages and jobs
 stages:
  - jobs:
      - scripts:
          - echo 'Cleaning up the working directories...'
          - rm -rvf ${bamboo.build.working.directory}/*
          - rm -rvf ~/*
          - echo 'Installing required software...'
          - yum -y install rpm-build git
          - echo 'Checking versions of the required software...'
          - rpmbuild --version
          - git --version
        interpreter: shell
        # This will run it on a specific host
        requirements:
          - AgentID
          - system.builder.python.python2.7
  - jobs:
      - scripts:
          - echo 'Making the RPM build tree in the working directory...'
          - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
          - cd ${bamboo.build.working.directory}
          - latest=$(git describe --tags --abbrev=0)
          - lastAuthor=$(git log -1 --pretty=format:'%an')
          - echo "The latest tag/version is ${latest} by ${lastAuthor}"
          - cp -Rv ${bamboo.build.working.directory} ~/rpmbuild/SOURCES/inspec-cis-profile-${latest}
          - echo 'Tarballing the Git repo...'
          - tar cvf ~/rpmbuild/SOURCES/inspec-cis-profile.tar.gz -C ~/rpmbuild/SOURCES inspec-cis-profile-${latest}
          - echo 'Creating the *.spec file in the rpmbuild/SPECS/...'
          - changelogDate=$(date +"%a %b %d %Y")
          - cat <<EOF > ~/rpmbuild/SPECS/inspec-cis-profile.spec
          - 'Name: inspec-cis-profile'
          - 'Version: ${latest}'
          - 'Release: 1%{?dist}'
          - 'Summary: CIS Distribution Independent Linux Benchmark - InSpec Profile'
          - 'License: Apache'
          - 'URL: https://github.com/dev-sec/cis-dil-benchmark'
          - 'Source0: inspec-cis-profile.tar.gz'
          - '%description'
          - CIS Distribution Independent Linux Benchmark - InSpec Profile
          - '%prep'
          - '%setup -q'
          - '%build'
          - '%install'
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/1_initial_setup
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/2_services
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/3_network
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/4_logging_and_auditing
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/5_access_authentication_authorization
          - install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/6_system_maintenance
          - install -m 0600 controls/1_initial_setup/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/1_initial_setup
          - install -m 0600 controls/2_services/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/2_services
          - install -m 0600 controls/3_network/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/3_network
          - install -m 0600 controls/4_logging_and_auditing/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/4_logging_and_auditing
          - install -m 0600 controls/5_access_authentication_authorization/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/5_access_authentication_authorization
          - install -m 0600 controls/6_system_maintenance/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/6_system_maintenance
          - rm -rf controls/ bamboo-specs/
          - install -m 0600 * %{buildroot}/usr/local/share/applications/inspec-cis-profile/
          - '%files'
          - /usr/local/share/applications/inspec-cis-profile/
          - '%changelog'
          - '* ${changelogDate} ${lastAuthor} ${latest}'
          -   '- See CHANGELOG.md for more details'
          - EOF
          - echo 'Building the RPM...'
          - rpmbuild -ba ~/rpmbuild/SPECS/inspec-cis-profile.spec
          - echo 'Moving the artifact to the working directory...'
          - mv -v ~/rpmbuild/RPMS/x86_64/inspec-cis-profile-*.rpm ${bamboo.build.working.directory}
        interpreter: shell
        # This will run it on a specific host
        requirements:
          - AgentID
          - system.builder.python.python2.7
        artifacts:
          - name: inspec-cis-profile
            path: '**/inspec-cis-profile-*.rpm'
  - jobs:
      - scripts:
          - echo 'Nothing to see here for now...'
          - /usr/bin/true
        interpreter: shell
        # This will run it on a specific host
        requirements:
          - AgentID
          - system.builder.python.python2.7
diff --git a/Stage-01.sh b/Stage-01.sh
 #!/bin/bash

 echo 'Cleaning up the working directories...'
 rm -rvf ${bamboo.build.working.directory}/*
 rm -rvf ~/*

 echo 'Installing required software...'
 yum -y install rpm-build git

 echo 'Checking versions of the required software...'
 rpmbuild --version
 git --version
diff --git a/Stage-02.sh b/Stage-02.sh
 # 'Source Code Checkout'
 # 'Contains:'
 # ./bamboo-specs
 # ./bamboo-specs/bamboo.yml
 # ./controls
 # ./controls/1_initial_setup
 # ./controls/1_initial_setup/1_1_filesystem_configuration.rb
 # ./controls/1_initial_setup/1_2_configure_software_updates.rb
 # ./controls/1_initial_setup/1_3_filesystem_integrity_checking.rb
 # ./controls/1_initial_setup/1_4_secure_boot_settings.rb
 # ./controls/1_initial_setup/1_5_additional_process_hardening.rb
 # ./controls/1_initial_setup/1_6_mandatory_access_control.rb
 # ./controls/1_initial_setup/1_7_warning_banners.rb
 # ./controls/1_initial_setup/1_8_ensure_patches.rb
 # ./controls/2_services
 # ./controls/2_services/2_1_inetd_services.rb
 # ./controls/2_services/2_2_special_purpose_services.rb
 # ./controls/2_services/2_3_service_clients.rb
 # ./controls/3_network
 # ./controls/3_network/3_1_network_parameters_host_only.rb
 # ./controls/3_network/3_2_network_parameters_host_and_router.rb
 # ./controls/3_network/3_3_ipv6.rb
 # ./controls/3_network/3_4_tcp_wrappers.rb
 # ./controls/3_network/3_5_uncommon_network_protocols.rb
 # ./controls/3_network/3_6_firewall_configuration.rb
 # ./controls/4_logging_and_auditing
 # ./controls/4_logging_and_auditing/4_1_configure_system_accounting_auditd.rb
 # ./controls/4_logging_and_auditing/4_2_configure_logging.rb
 # ./controls/5_access_authentication_authorization
 # ./controls/5_access_authentication_authorization/5_1_configure_cron.rb
 # ./controls/5_access_authentication_authorization/5_2_ssh_server_configuration.rb
 # ./controls/5_access_authentication_authorization/5_3_configure_pam.rb
 # ./controls/5_access_authentication_authorization/5_4_user_accounts_and_environments.rb
 # ./controls/6_system_maintenance
 # ./controls/6_system_maintenance/6_1_system_file_permissions.rb
 # ./controls/6_system_maintenance/6_2_user_and_group_settings.rb
 # ./CHANGELOG.md
 # ./Gemfile
 # ./inspec.yml
 # ./LICENSE
 # ./Makefile
 # ./Rakefile
 # ./README.md
 # ./run.sh
diff --git a/Stage-03.sh b/Stage-03.sh
 #!/bin/bash
 # Version: Aug 2, 2019, 4:40 PM GMT+10

 echo 'Making the RPM build tree in the working directory...'
 mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

 cd rpmbuild/SOURCES/inspec-cis-profile
 latest=$(git describe --tags)
 lastAuthor=$(git log -1 --pretty=format:'%an')
 echo "The latest tag/version is ${latest} by ${lastAuthor}"

 echo 'Tarballing the Git repo...'
 mv -v ${bamboo.build.working.directory}/rpmbuild/SOURCES/inspec-cis-profile ~/rpmbuild/SOURCES/inspec-cis-profile-${latest}
 tar cvf ~/rpmbuild/SOURCES/inspec-cis-profile.tar.gz -C ~/rpmbuild/SOURCES inspec-cis-profile-${latest}

 echo 'Creating the *.spec file in the rpmbuild/SPECS/...'
 changelogDate=$(date +"%a %b %d %Y")
 cat <<EOF > ~/rpmbuild/SPECS/inspec-cis-profile.spec
 Name: inspec-cis-profile
 Version: ${latest}
 Release: 1%{?dist}
 Summary: CIS Distribution Independent Linux Benchmark - InSpec Profile

 License: Apache
 URL: https://github.com/dev-sec/cis-dil-benchmark
 Source0: inspec-cis-profile.tar.gz

 %description
 CIS Distribution Independent Linux Benchmark - InSpec Profile

 %prep
 %setup -q

 %build

 %install
 install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
 install -m 0600 controls/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
 rm -rf controls/
 install -m 0600 * %{buildroot}/usr/local/share/applications/inspec-cis-profile/

 %files
 /usr/local/share/applications/inspec-cis-profile/

 %changelog
 * ${changelogDate} ${lastAuthor} ${latest}
  - See CHANGELOG.md for more details
 EOF

 echo 'Building the RPM...'
 rpmbuild -ba ~/rpmbuild/SPECS/inspec-cis-profile.spec

 echo 'Moving the artifact to the working directory...'
 mv -v ~/rpmbuild/RPMS/x86_64/inspec-cis-profile-*.rpm ${bamboo.build.working.directory}/rpmbuild/RPMS/
	---
	# Continuous integration powered by Atlassian Bamboo version 6.7.2 build 60706
	# Version: Thu Aug 22 04:15:02 UTC 2019
	project:
	key: ENIX
	plan:
	key: INSPEC
	name: inspec-cis-profile

	# List of plan's stages and jobs
	stages:
	- jobs:
	- scripts:
	- echo 'Cleaning up the working directories...'
	- rm -rvf ${bamboo.build.working.directory}/*
	- rm -rvf ~/*
	- echo 'Installing required software...'
	- yum -y install rpm-build git
	- echo 'Checking versions of the required software...'
	- rpmbuild --version
	- git --version
	interpreter: shell
	# This will run it on a specific host
	requirements:
	- AgentID
	- system.builder.python.python2.7
	- jobs:
	- scripts:
	- echo 'Making the RPM build tree in the working directory...'
	- mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
	- cd ${bamboo.build.working.directory}
	- latest=$(git describe --tags --abbrev=0)
	- lastAuthor=$(git log -1 --pretty=format:'%an')
	- echo "The latest tag/version is ${latest} by ${lastAuthor}"
	- cp -Rv ${bamboo.build.working.directory} ~/rpmbuild/SOURCES/inspec-cis-profile-${latest}
	- echo 'Tarballing the Git repo...'
	- tar cvf ~/rpmbuild/SOURCES/inspec-cis-profile.tar.gz -C ~/rpmbuild/SOURCES inspec-cis-profile-${latest}
	- echo 'Creating the *.spec file in the rpmbuild/SPECS/...'
	- changelogDate=$(date +"%a %b %d %Y")
	- cat <<EOF > ~/rpmbuild/SPECS/inspec-cis-profile.spec
	- 'Name: inspec-cis-profile'
	- 'Version: ${latest}'
	- 'Release: 1%{?dist}'
	- 'Summary: CIS Distribution Independent Linux Benchmark - InSpec Profile'
	- 'License: Apache'
	- 'URL: https://github.com/dev-sec/cis-dil-benchmark'
	- 'Source0: inspec-cis-profile.tar.gz'
	- '%description'
	- CIS Distribution Independent Linux Benchmark - InSpec Profile
	- '%prep'
	- '%setup -q'
	- '%build'
	- '%install'
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/1_initial_setup
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/2_services
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/3_network
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/4_logging_and_auditing
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/5_access_authentication_authorization
	- install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/6_system_maintenance
	- install -m 0600 controls/1_initial_setup/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/1_initial_setup
	- install -m 0600 controls/2_services/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/2_services
	- install -m 0600 controls/3_network/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/3_network
	- install -m 0600 controls/4_logging_and_auditing/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/4_logging_and_auditing
	- install -m 0600 controls/5_access_authentication_authorization/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/5_access_authentication_authorization
	- install -m 0600 controls/6_system_maintenance/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls/6_system_maintenance
	- rm -rf controls/ bamboo-specs/
	- install -m 0600 * %{buildroot}/usr/local/share/applications/inspec-cis-profile/
	- '%files'
	- /usr/local/share/applications/inspec-cis-profile/
	- '%changelog'
	- '* ${changelogDate} ${lastAuthor} ${latest}'
	- '- See CHANGELOG.md for more details'
	- EOF
	- echo 'Building the RPM...'
	- rpmbuild -ba ~/rpmbuild/SPECS/inspec-cis-profile.spec
	- echo 'Moving the artifact to the working directory...'
	- mv -v ~/rpmbuild/RPMS/x86_64/inspec-cis-profile-*.rpm ${bamboo.build.working.directory}
	interpreter: shell
	# This will run it on a specific host
	requirements:
	- AgentID
	- system.builder.python.python2.7
	artifacts:
	- name: inspec-cis-profile
	path: '*/inspec-cis-profile-.rpm'
	- jobs:
	- scripts:
	- echo 'Nothing to see here for now...'
	- /usr/bin/true
	interpreter: shell
	# This will run it on a specific host
	requirements:
	- AgentID
	- system.builder.python.python2.7
	#!/bin/bash

	echo 'Cleaning up the working directories...'
	rm -rvf ${bamboo.build.working.directory}/*
	rm -rvf ~/*

	echo 'Installing required software...'
	yum -y install rpm-build git

	echo 'Checking versions of the required software...'
	rpmbuild --version
	git --version
	# 'Source Code Checkout'
	# 'Contains:'
	# ./bamboo-specs
	# ./bamboo-specs/bamboo.yml
	# ./controls
	# ./controls/1_initial_setup
	# ./controls/1_initial_setup/1_1_filesystem_configuration.rb
	# ./controls/1_initial_setup/1_2_configure_software_updates.rb
	# ./controls/1_initial_setup/1_3_filesystem_integrity_checking.rb
	# ./controls/1_initial_setup/1_4_secure_boot_settings.rb
	# ./controls/1_initial_setup/1_5_additional_process_hardening.rb
	# ./controls/1_initial_setup/1_6_mandatory_access_control.rb
	# ./controls/1_initial_setup/1_7_warning_banners.rb
	# ./controls/1_initial_setup/1_8_ensure_patches.rb
	# ./controls/2_services
	# ./controls/2_services/2_1_inetd_services.rb
	# ./controls/2_services/2_2_special_purpose_services.rb
	# ./controls/2_services/2_3_service_clients.rb
	# ./controls/3_network
	# ./controls/3_network/3_1_network_parameters_host_only.rb
	# ./controls/3_network/3_2_network_parameters_host_and_router.rb
	# ./controls/3_network/3_3_ipv6.rb
	# ./controls/3_network/3_4_tcp_wrappers.rb
	# ./controls/3_network/3_5_uncommon_network_protocols.rb
	# ./controls/3_network/3_6_firewall_configuration.rb
	# ./controls/4_logging_and_auditing
	# ./controls/4_logging_and_auditing/4_1_configure_system_accounting_auditd.rb
	# ./controls/4_logging_and_auditing/4_2_configure_logging.rb
	# ./controls/5_access_authentication_authorization
	# ./controls/5_access_authentication_authorization/5_1_configure_cron.rb
	# ./controls/5_access_authentication_authorization/5_2_ssh_server_configuration.rb
	# ./controls/5_access_authentication_authorization/5_3_configure_pam.rb
	# ./controls/5_access_authentication_authorization/5_4_user_accounts_and_environments.rb
	# ./controls/6_system_maintenance
	# ./controls/6_system_maintenance/6_1_system_file_permissions.rb
	# ./controls/6_system_maintenance/6_2_user_and_group_settings.rb
	# ./CHANGELOG.md
	# ./Gemfile
	# ./inspec.yml
	# ./LICENSE
	# ./Makefile
	# ./Rakefile
	# ./README.md
	# ./run.sh
	#!/bin/bash
	# Version: Aug 2, 2019, 4:40 PM GMT+10

	echo 'Making the RPM build tree in the working directory...'
	mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

	cd rpmbuild/SOURCES/inspec-cis-profile
	latest=$(git describe --tags)
	lastAuthor=$(git log -1 --pretty=format:'%an')
	echo "The latest tag/version is ${latest} by ${lastAuthor}"

	echo 'Tarballing the Git repo...'
	mv -v ${bamboo.build.working.directory}/rpmbuild/SOURCES/inspec-cis-profile ~/rpmbuild/SOURCES/inspec-cis-profile-${latest}
	tar cvf ~/rpmbuild/SOURCES/inspec-cis-profile.tar.gz -C ~/rpmbuild/SOURCES inspec-cis-profile-${latest}

	echo 'Creating the *.spec file in the rpmbuild/SPECS/...'
	changelogDate=$(date +"%a %b %d %Y")
	cat <<EOF > ~/rpmbuild/SPECS/inspec-cis-profile.spec
	Name: inspec-cis-profile
	Version: ${latest}
	Release: 1%{?dist}
	Summary: CIS Distribution Independent Linux Benchmark - InSpec Profile

	License: Apache
	URL: https://github.com/dev-sec/cis-dil-benchmark
	Source0: inspec-cis-profile.tar.gz

	%description
	CIS Distribution Independent Linux Benchmark - InSpec Profile

	%prep
	%setup -q

	%build

	%install
	install -m 0755 -d %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
	install -m 0600 controls/* %{buildroot}/usr/local/share/applications/inspec-cis-profile/controls
	rm -rf controls/
	install -m 0600 * %{buildroot}/usr/local/share/applications/inspec-cis-profile/

	%files
	/usr/local/share/applications/inspec-cis-profile/

	%changelog
	* ${changelogDate} ${lastAuthor} ${latest}
	- See CHANGELOG.md for more details
	EOF

	echo 'Building the RPM...'
	rpmbuild -ba ~/rpmbuild/SPECS/inspec-cis-profile.spec

	echo 'Moving the artifact to the working directory...'
	mv -v ~/rpmbuild/RPMS/x86_64/inspec-cis-profile-*.rpm ${bamboo.build.working.directory}/rpmbuild/RPMS/