Development and Testing

There are two basic things you need to start run and test an Infrastructure Challenge:

  • A System to run Ansible
  • A Virtual Machine to deploy the infrastructure challenge onto

It is highly recommended to a Virtual Machine that supports memory snapshotting for deploying challenges during testing. Infrastructure challenges inherently change the system they are deployed to, and so we recommend restoring to a "clean snapshot" whenever testing a challenge. This ensures the challenge setup can fully configure a completely new system, with no artifacts remaining from previous testing. Using a "Memory snapshot", where the hypervisor can restore the system to a running state, increases development speed by eliminating the boot time of the VM.

Vagrant

C2Games provides a Vagrant script for quickly setting up local VMs for development and testing. Vagrant relies on VirtualBox or HyperV to handle creating the VMs and initial snapshots. More information is available at [Getting Started With Vagrant](TODO LINK).

C2Games Cloud Environment

C2Games is working to provide a preconfigured development environment within our cloud Infrastructure. Please don’t hesitate to contact opfor-content@c2games.org for more information.

Editors

A text editor or IDE that has good support for YAML and/or Ansible is recommended. Microsoft’s Free editor "Visual Studio Code", or VS Code, with additional extensions, is a great option. We provide links below to set up VS Code, but any editor can be used.

Setting up Visual Studio Code

VS Code has a great extension community, with hundreds of open-source extensions available to extend the editor’s capabilities. Extensions can be installed by clicking the "Extensions" button on the left toolbar and searching for the Extension name. The following extensions are recommended if using VS Code to create C2Games Infrastructure Challenges.

Linters

Linters are a form of static analysis for source code. C2Games runs a YAML linter and an Ansible Linter on all challenge submissions. We recommend you run both YAML and Ansible lint on your challenge before submitting, because if an issue is found with the submission, we may ask you to fix it before we can accept it.

Our configuration files, .ansible-lint and .yamllint, are available in the infrastructure-examples repository.

The Vagrant Development environment has ansible-lint and yamllint already installed. To run the linters, ssh to the vagrant dev system using vagrant ssh dev and run the lint.sh script.

ansible-lint roles/<ROLE>/
yamllint roles/<ROLE>/

The commands between the headers should output nothing if they ran successfully. Below is an example of both commands finding issues.

lint-output

Ensure there are no errors – warnings are acceptable, although they should be fixed if possible.

ansible-lint is telling us that there is an error, "Git checkouts must contain explicit version", and that the error is contained in the file manatee_bank_web_app/tasks/main.yaml on line 46, within the Task "Clone Manatee Bank".

A successful run might look like this:

lint-output-success-with-warnings

This section is kept in case someone requests it directly, and should not be included within the official documentation

Manually Creating a Local Test Environment

Preparing Development Host

The development host can be a physical system or a virtual machine. This system will be used to develop the Ansible Roles for challenges, and deploying the roles to test systems.

System Requirements

  • Ubuntu 18.04 or similar with 2+ GB Ram
    • NOTE: At time of writing, 20.04 does not have PPA support for Ansible

Ansible cannot run on a Windows host natively, though it can run under the Windows Subsystem for Linux (WSL). Ansible states the Windows Subsystem for Linux is not supported and should not be used for production systems.

Installing Ansible on Ubuntu 18.04

Ansible provides documentation for installation on Ubuntu at the following link:

https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-ubuntu

Preparing Test VMs

Challenges should be tested on a separate system from the Development Host. It is recommended to use a virtual machine for Test Systems so they can easily be restored to an unconfigured snapshot.

C2Games will perform automated testing on several different Operating Systems and versions – we ask that you test your challenge on one Debian derivative and one RHEL derivative. Ubuntu 18.04 and Centos 7 are typically used for this initial testing.

System Requirements

  • Ubuntu Server 16.04+
    • 1+ GB Ram
    • OpenSSH Server
  • CentOS Server 7+
    • 1+ GB Ram
    • OpenSSH Server <!— Windows 7+–> <!– – 2+ GB Ram–> <!– – WinRM Enabled–> <!– todo how do we communicate with windows? WinRM? –> <!–

Add the Ansible User

Create a user with the username ansible and the password ansible, then add the user to the sudo user group.

sudo adduser ansible

Ansible requires a username and password or SSH Key to authenticate with. Using an SSH Key is highly recommended, as Ansible can be difficult to work with when using a username/password for SSH login. A new SSH keypair can be generated with the ssh-keygen command:

ssh-keygen -N "" -f ~/.ssh/ansible_key

Install and Configure sudo

The Ansible user should be able to elevate to root privileges using sudo. A sudo password can be used, but configuring the Ansible user with passwordless sudo is recommended.

To install sudo, use the apt or yum package manager on Ubuntu or CentOS, respectively.

# Install sudo on Ubuntu
sudo apt-get install sudo
# Install sudo on CentOS
sudo yum install sudo

To configure the ansible user with passwordless sudo, ensure this line is in /etc/sudoers by using the command visudo (note the leading ‘#’ should be there!):

#includedir /etc/sudoers.d

Then, create the file /etc/sudoers.d/ansible using the visudo command. The file should have the following contents:

ansible  ALL=(ALL:ALL) NOPASSWD: ALL

Snapshot VM

This step is very important!

Once the VM is running and configured, a snapshot should be taken before any challenges are deployed to the test VMs. If possible, take a "running snapshot" or "Memory Snapshot" so the VM can be restored to a running state, which will speed up your development cycle.

Important: Your VM should be restored to this snapshot of a fresh state and a full test run executed before a challenge is submitted to C2Games

Trying out a Role

Now that the Test System is configured and running, try executing a provided role. The C2Games team has provided a couple of example roles in the roles/ directory of the infrastructure-examples Repository. Information on running these roles can be found in the Examples section of the "Ansible Basics" document. –>