{"id":31702054,"url":"https://github.com/instruct-br/puppet_auditor","last_synced_at":"2025-10-08T21:11:22.226Z","repository":{"id":56889597,"uuid":"131022817","full_name":"instruct-br/puppet_auditor","owner":"instruct-br","description":null,"archived":false,"fork":false,"pushed_at":"2020-07-28T04:02:10.000Z","size":40,"stargazers_count":1,"open_issues_count":4,"forks_count":0,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-10-08T03:01:48.552Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/instruct-br.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-25T14:56:25.000Z","updated_at":"2019-02-28T22:02:22.000Z","dependencies_parsed_at":"2022-08-21T00:50:21.031Z","dependency_job_id":null,"html_url":"https://github.com/instruct-br/puppet_auditor","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/instruct-br/puppet_auditor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/instruct-br%2Fpuppet_auditor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/instruct-br%2Fpuppet_auditor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/instruct-br%2Fpuppet_auditor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/instruct-br%2Fpuppet_auditor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/instruct-br","download_url":"https://codeload.github.com/instruct-br/puppet_auditor/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/instruct-br%2Fpuppet_auditor/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279000716,"owners_count":26082837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-08T02:00:06.501Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-08T21:11:16.406Z","updated_at":"2025-10-08T21:11:22.220Z","avatar_url":"https://github.com/instruct-br.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/instruct-br/puppet_auditor.svg?branch=master)](https://travis-ci.org/instruct-br/puppet_auditor)\n[![Gem Version](https://badge.fury.io/rb/puppet_auditor.svg)](https://badge.fury.io/rb/puppet_auditor)\n\n# PuppetAuditor\n\nPuppetAuditor is a tool to test Puppet manifests against a set of defined rules.\n\n## Installation\n\nInstall PuppetAuditor with the gem command:\n\n```\n$ gem install puppet_auditor\n```\n\n## Usage\n\nAfter the gem is installed, the tool can be used by calling:\n```\n$ puppet_auditor\n```\n\nUse the `--help` to check usage options.\n\nThe tool will check your code against the defined rules and display\nmessages if it finds any violation.\n\n## Defining rules\n\nPuppetAuditor will attempt to load rules following this hierarchy:\n\n- Rules defined in the host `/etc/puppet_auditor.yaml`\n- Rules defined in the user home `~/.puppet_auditor.yaml`\n- Rules defined in the project `$(pwd)/.puppet_auditor.yaml`\n\nThe yaml file with the rules should follow this format:\n\n```yaml\npuppet_auditor_version: '1'\nrules:\n- name: Dangerous file config\n  resource: file\n  attributes:\n    recurse:\n      equals: true\n    ensure:\n      equals: present\n  message: Dont use recurse or ambiguous ensure\n- name: Cant use latest\n  resource: package\n  attributes:\n    ensure:\n      equals: latest\n  message: Do not use latest\n```\n\nThe list of rules should declare individual rules with the following keys:\n\n- `name`: a name for the defined rule\n- `resource`: which resource should this rule verify\n- `attributes`: an array of attributes that should be verified in this resource\n- `message`: text that will appear if the rule is violated\n\nThe `attributes` value should follow this structre:\n\n```yaml\nattribute:\n  comparison: value\n```\n\nWhere the `attribute` is a valid attribute for the valuated resource like \"ensure\" or \"command\", \n`comparison` is one of the comparison function availables like \"equals\" or \"matches\" and the\n`value` is the value that will be compared using the comparison function. \n\nThe following comparison functions are available:\n\n- matches (regex)\n- not_matches (regex)\n- equals\n- not_equal\n- less_than\n- less_or_equal_to\n- greater_than\n- greater_or_equal_to\n\nFor some samples check out the `spec/samples` folder.\n\n## How it works\n\nThe tool will parse rules defined in the `.puppet_auditor.yaml` files and if all rules are\nvalid it will dynamically generate [puppet-lint](https://github.com/rodjek/puppet-lint) plugins\nand run them to check your code.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finstruct-br%2Fpuppet_auditor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finstruct-br%2Fpuppet_auditor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finstruct-br%2Fpuppet_auditor/lists"}