jimmycuadra
commented
9 years ago CI failure looks like a configuration problem... This passed kitchen test for me locally.
Closed jimmycuadra closed 9 years ago
jimmycuadra
commented
9 years ago CI failure looks like a configuration problem... This passed kitchen test for me locally.
martinb3
commented
9 years ago @jimmycuadra Thanks for the contribution! CircleCI won't build branches owned by a non-project/non-approved owner, as it could potentially expose secrets. This is expected behavior. I've pushed a branch with your changes into the main git repo, so that they will be tested appropriately.
martinb3
commented
9 years ago Looks like this ended up choking on a current rubocop gem issue: https://github.com/bbatsov/rubocop/issues/2218
I've added https://github.com/rackspace-cookbooks/elkstack/commit/ff15484d6c28498756fbf699a49de206abc3a776 and it did pass in CircleCI after that, so I'm going to manually merge, and it will include your commits. Thank you for the contribution @jimmycuadra!
jimmycuadra
commented
9 years ago Thanks for merging! If you think of it, please leave a comment here when a new version is uploaded to the Supermarket so I can update my wrapper cookbook. :}
martinb3
commented
9 years ago @jimmycuadra No problem! I pushed 6.0.4 with your changes, so you should be all set to use Supermarket again.
This branch includes one change and one addition related to security and Kibana's web server:
Disallow the SSLv3 protocol which is vulnerable to POODLE. Update the allowed TLS cipher suite according to current best practices.
Reference: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html.
['elkstack']['config']['kibana']['prepare_ssl']which allows users to disable thekibana_sslrecipe if they wish to configure this themselves (including providing their own certificate and private key). The default istrue, meaning the behaivor stays as it is by default.