Sha256: 8b96d982458ffc1997999b603c7cdfdff89acd6e011b2a3368b73ccc3cda215e

Contents?: true

Size: 1.77 KB

Versions: 13

Compression:

Stored size: 1.77 KB

Contents

module HybridPlatformsConductor

  module HpcPlugins

    module Test

      # Test that the vulnerabilities Spectre and Meltdown are patched
      class Spectre < HybridPlatformsConductor::Test

        VULNERABILITIES_TO_CHECK = {
          'CVE-2017-5753' => 'Spectre Variant 1',
          'CVE-2017-5715' => 'Spectre Variant 2',
          'CVE-2017-5754' => 'Meltdown'
        }

        # Check my_test_plugin.rb.sample documentation for signature details.
        def test_on_node
          spectre_cmd = <<~EOS
            #{@deployer.instance_variable_get(:@actions_executor).connector(:ssh).ssh_user == 'root' ? '' : "#{@nodes_handler.sudo_on(@node)} "}/bin/bash <<'EOAction'
            #{File.read("#{__dir__}/spectre-meltdown-checker.sh")}
            EOAction
          EOS
          {
            spectre_cmd => {
              validator: proc do |stdout|
                VULNERABILITIES_TO_CHECK.each do |id, name|
                  id_regexp = /#{Regexp.escape(id)}/
                  status_idx = stdout.index { |line| line =~ id_regexp }
                  if status_idx.nil?
                    error "Unable to find vulnerability section #{id}"
                  else
                    while !stdout[status_idx].nil? && !(stdout[status_idx] =~ /STATUS:[^A-Z]+([A-Z ]+)/)
                      status_idx += 1
                    end
                    if stdout[status_idx].nil?
                      error "Unable to find vulnerability status for #{id}"
                    else
                      status = $1.strip
                      error "Status for #{name}: #{status}" if status != 'NOT VULNERABLE'
                    end
                  end
                end
              end,
              timeout: 30
            }
          }
        end

      end

    end

  end

end

Version data entries

13 entries across 13 versions & 1 rubygems

Version Path
hybrid_platforms_conductor-32.17.0 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.16.4 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.16.3 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.16.2 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.16.1 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.16.0 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.15.0 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.14.0 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.13.4 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.13.3 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.13.2 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.13.1 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-32.13.0 lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb