Watchmaker

**Summary**:

* [[Issue 499][499]][[PR 513][513]] Includes additional details about the
platform and python version in the watchmaker log
* [[Issue 500][500]][[PR 512][512]] Retries file retrieval up to 5 times
* [[Issue 501][501]][[PR 507][507]] Uses urllib handlers to retrieve all
files
- Deprecates the argument `--s3-source`; to retrieve a file from an S3
bucket use the syntax: `s3://<bucket>/<key>`
- Local files may be specified as absolute or relative paths, and may or
may not be prefixed with `file://`
* [[PR 496][496]] Moves CloudFormation and Terraform templates to their own
project, [terraform-aws-watchmaker][terraform-aws-watchmaker]
* [[PR 491][491]] Improves compatibility of the watchmaker bootstrap.ps1
script when executed by an Azure custom script extension
* [[Issue 430][430]][[PR 487][487]] Writes watchmaker salt config to a
custom path:
- Windows: `C:\Watchmaker\Salt\conf`
- Linux: `/opt/watchmaker/salt`
* scap-formula
- Incorporates content from OpenSCAP Security Guide v0.1.37-1

[430]: https://github.com/plus3it/watchmaker/issues/430
[499]: https://github.com/plus3it/watchmaker/issues/499
[500]: https://github.com/plus3it/watchmaker/issues/500
[501]: https://github.com/plus3it/watchmaker/issues/501
[487]: https://github.com/plus3it/watchmaker/pull/487
[491]: https://github.com/plus3it/watchmaker/pull/491
[496]: https://github.com/plus3it/watchmaker/pull/496
[507]: https://github.com/plus3it/watchmaker/pull/507
[512]: https://github.com/plus3it/watchmaker/pull/512
[513]: https://github.com/plus3it/watchmaker/pull/513
[terraform-aws-watchmaker]: https://github.com/plus3it/terraform-aws-watchmaker

**Summary**:

* [[Issue 415][415]][[PR 458][458]] Forwards watchmaker log entries from the
Windows Event Log to the EC2 System Log (Windows-only)
* [[PR 425][425]] Adds a log handler that writes watchmaker log entries to
the Windows Event Log (Windows-only)
* [[Issue 434][434]][[PR 457][457]] Updates doc build to replace
`recommonmark` functionality entirely with `m2r`
* [[PR 437][437]] Modfies CloudFormation templates to use aws cli utility to
retrieve the appscript rather than use the functionality built-in to the
cfn bootstrap
* [[PR 467][467]] Sets environment variables for aws cli when executing the
appscript option in the watchmaker CloudFormation templates

[415]: https://github.com/plus3it/watchmaker/issues/415
[434]: https://github.com/plus3it/watchmaker/issues/434
[425]: https://github.com/plus3it/watchmaker/pull/425
[437]: https://github.com/plus3it/watchmaker/pull/437
[457]: https://github.com/plus3it/watchmaker/pull/457
[458]: https://github.com/plus3it/watchmaker/pull/458
[467]: https://github.com/plus3it/watchmaker/pull/467

**Summary**:

* Installs `futures` only on Python 2 -- no functional changes

**Summary**:

* Fixes readthedocs build -- no functional changes

**Summary**:

* [[PR 409][409]] Provides terraform modules that deploy the watchmaker
CloudFormation templates
* [[Issue 418][418]][[PR 419][419]] Adds an `exclude-states` argument to
the SaltWorker; specified states will be excluded from the salt state
execution
* ash-windows-formula
* Incorporates security settings from the DISA October quarterly release
* join-domain-formula
* (Windows) Adds WMI method to set DNS search suffix
* (Windows) Tests for the EC2Config XML settings file before modifying it
* scap-formula
* (Linux) Distributes scap content from SCAP Security Guide v0.1.36-1
* Distributes scap content from the DISA October quarterly release
* splunkforwarder-formula
* Supports configuration of splunk log sources from pillar and grains
inputs

[409]: https://github.com/plus3it/watchmaker/pull/409
[419]: https://github.com/plus3it/watchmaker/pull/419
[418]: https://github.com/plus3it/watchmaker/issues/418

**Summary**:

* ash-linux-formula
* (el7) Fixes typos in the firewalld "safety" scripts that resulted in a
failure when firewalld was reloaded
* mcafee-agent-formula
* (el7) Adds required inbound ports to all firewalld zones, to support
the event where the default zone is modified from "public"
* splunkforwarder-formula
* (el7) Adds required outbound ports to the OUTPUT chain; previously,
they were mistakenly being added as inbound rules