Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This is a Vagrant 1.1+ plugin that adds an Action.IO provider to Vagrant, allowing Vagrant to control and provision boxes in Action.IO.
rsync
.Install using standard Vagrant 1.1+ plugin installation methods. After
installing, vagrant up
and specify the actionio
provider. An example is
shown below.
$ vagrant plugin install vagrant-actionio
...
$ vagrant up --provider=actionio
...
After installing Vagrant 1.1+ and the Action.IO vagrant provider, open
Vagrant Settings page on Action.IO
to generate an access token and an example Vagrantfile
. Copy the contents
of the example Vagrantfile
to your Vagrantfile
and feel free to edit it
to specify your needs. Once done, run vagrant up --provider=actionio
to create a box on Action.IO.
Every provider in Vagrant must introduce a custom box format. This
provider introduces actionio
box format. You can view an example box in
the example_box/ directory.
That directory also contains instructions on how to build a .box
file.
The box format is basically just the required metadata.json
file
along with a Vagrantfile
that does default settings for the
provider-specific configuration for this provider.
The provider exposes a few provider-specific configuration options:
access_token
- The access token for accessing Action.IO API.region
- Region to create Action.IO box in.
us-west-1
us-west-1
eu-west-1
sa-east-1
ap-southeast-1
ap-southeast-2
stack
- Name of the base stack.
rails
django
nodejs
go
These can be set like typical provider-specific configuration:
Vagrant.configure("2") do |config|
config.vm.box = "actionio-dummy"
config.vm.provider :actionio do |aio|
aio.access_token = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz01"
aio.region = "us-west-1"
aio.stack = "rails"
aio.ssh_private_key_path = "~/.ssh/id_rsa"
end
end
Action.IO currently does not provide super-user access for free boxes.
This means that provisioner scripts that require sudo
or root
access
will not work for free boxes. Paid plans with super-user access is
coming soon.
Networking features in the form of config.vm.network
are not
supported with vagrant-actionio
, currently. If any of these are
specified, Vagrant will emit a warning, but will otherwise boot
the Action.IO box.
There is minimal support for synced folders. Upon vagrant up
,
vagrant reload
, and vagrant provision
, the Actin.IO provider
will use rsync
(if available) to uni-directionally sync the folder
to the remote machine over SSH.
This is good enough for all built-in Vagrant provisioners (shell, chef, and puppet) to work!
For bi-directional realtime syncing, please check out Action.IO for Mac.
Copyright (c) 2013 Irrational Industries Inc. and Mitchell Hashimoto This software is licensed under the MIT License.
FAQs
Unknown package
We found that vagrant-actionio demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.