
Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
This is a wrapper around the vCloud director API that should allow for easy provisioning of VMs.
gem install vcloud-box-spinner
You should be able to do vcloud-box-spinner --help
Usage: vcloud-box-spinner [options] <org_config> <machine_config>
Provision a machine described by the JSON template `machine_config` in the vCloud organisation
described in the JSON config file `org_config`
e.g. vcloud-box-spinner -u username orgs/staging.json machines/frontend-1.json
-c, --credential=GROUP fog credential group
-u, --user=USERNAME vCloud username
-p, --password=PASSWORD vCloud password
-F, --ssh-config=FILENAME SSH config file(s) to use (can be specified multiple times)
-s, --setup-script=SETUP-SCRIPT path to setup script that should run after machine is brought up
-d, --debug Enable debugging output
-v, --verbose Enable verbose output
-h, --help Show usage instructions
To provision a machine you will need to specify at least two JSON files:
Options:
user
is the username on your "vmware vcloud director" page
(usually in the top right corner).
setup-script
allows you to pass a script file path (shell), which
would be loaded as guest customization script. The purpose of
providing this option, is to let user do some basic bootstraping.
The script is not for the purpose of encouraging configuration
management and that should be done separately. A particular example
of how you can use the script is - You can set ssh configuration for
a user(eg ci), which can ssh in the system later and run the config
management script/tool.
On how to write this script please refer the following links:
The best way to understand the formats of the json files, read the docs here
Once you have an org and machine config, you can invoke the provisioner as follows:
vcloud-box-spinner -u username -p password org_config.json machine_config.json
FOG_RC
specifies the fog credentials file if not ~/.fog
.FOG_CREDENTIAL
specifies the credential group if not default
.refer here
You can run the tests with:
bundle exec rake
FAQs
Unknown package
We found that vcloud-box-spinner demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.
Security News
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
Research
/Security News
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.