2015-10-26 21:51:21 +00:00
# encoding: utf-8
require 'helper'
2016-01-16 07:00:52 +00:00
require 'inspec/profile_context'
2015-10-26 21:51:21 +00:00
describe Inspec :: Profile do
2015-12-22 14:18:09 +00:00
let ( :logger ) { Minitest :: Mock . new }
2016-02-17 10:17:43 +00:00
let ( :home ) { MockLoader . home }
2016-02-03 14:42:33 +00:00
2016-01-16 15:27:28 +00:00
describe 'with an empty profile' do
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( 'empty-metadata' ) }
2016-01-16 15:27:28 +00:00
2017-02-13 18:04:46 +00:00
it 'has a default name containing the original target' do
profile . params [ :name ] . must_match ( / tests from .*empty-metadata / )
2016-01-16 15:27:28 +00:00
end
2016-04-20 04:50:18 +00:00
it 'has no controls' do
profile . params [ :controls ] . must_equal ( { } )
2016-01-16 15:27:28 +00:00
end
end
describe 'with an empty profile (legacy mode)' do
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( 'legacy-empty-metadata' ) }
2015-10-26 21:51:21 +00:00
2017-02-13 18:04:46 +00:00
it 'has a default name containing the original target' do
profile . params [ :name ] . must_match ( / tests from .*empty-metadata / )
2015-10-26 21:51:21 +00:00
end
2016-04-20 04:50:18 +00:00
it 'has no controls' do
profile . params [ :controls ] . must_equal ( { } )
2015-10-26 21:51:21 +00:00
end
end
2016-01-16 15:27:28 +00:00
describe 'with simple metadata in profile' do
2016-01-25 14:44:17 +00:00
let ( :profile_id ) { 'simple-metadata' }
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( profile_id ) }
2016-01-16 15:27:28 +00:00
it 'has metadata' do
profile . params [ :name ] . must_equal 'yumyum profile'
end
2016-04-20 04:50:18 +00:00
it 'has no controls' do
profile . params [ :controls ] . must_equal ( { } )
2016-01-16 15:27:28 +00:00
end
2016-01-25 14:44:17 +00:00
it 'can overwrite the profile ID' do
testID = rand . to_s
2016-02-17 10:17:43 +00:00
res = MockLoader . load_profile ( profile_id , id : testID )
2016-01-25 14:44:17 +00:00
res . params [ :name ] . must_equal testID
end
2016-01-16 15:27:28 +00:00
end
describe 'with simple metadata in profile (legacy mode)' do
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( 'legacy-simple-metadata' ) }
2015-10-26 21:51:21 +00:00
it 'has metadata' do
profile . params [ :name ] . must_equal 'metadata profile'
end
2016-04-20 04:50:18 +00:00
it 'has no controls' do
profile . params [ :controls ] . must_equal ( { } )
2015-10-26 21:51:21 +00:00
end
end
2015-12-22 14:18:09 +00:00
2017-05-10 13:16:40 +00:00
describe 'SHA256 sums' do
it 'works on an empty profile' do
MockLoader . load_profile ( 'empty-metadata' ) . sha256 . must_equal 'ee95f4cf4258402604d4cc581a672bbd2f73d212b09cd4bcf1c5984e97e68963'
end
it 'works on a complete profile' do
2017-07-11 19:33:55 +00:00
MockLoader . load_profile ( 'complete-profile' ) . sha256 . must_equal '5a129bd0a06f3d27589871a8dc8c65361d3730e802b926755191b610b7f99d3a'
2017-05-10 13:16:40 +00:00
end
end
2017-05-16 09:31:47 +00:00
describe 'code info' do
let ( :profile_id ) { 'complete-profile' }
let ( :code ) { " control 'test01' do \n impact 0.5 \n title 'Catchy title' \n desc ' \n There should always be a /proc \n ' \n describe file('/proc') do \n it { should be_mounted } \n end \n end \n " }
2017-06-28 11:14:19 +00:00
let ( :loc ) { { :ref = > " controls/filesystem_spec.rb " , :line = > 6 } }
2017-05-16 09:31:47 +00:00
it 'gets code from an uncompressed profile' do
info = MockLoader . load_profile ( profile_id ) . info
info [ :controls ] [ 0 ] [ :code ] . must_equal code
loc [ :ref ] = File . join ( MockLoader . profile_path ( profile_id ) , loc [ :ref ] )
info [ :controls ] [ 0 ] [ :source_location ] . must_equal loc
end
it 'gets code on zip profiles' do
path = MockLoader . profile_zip ( profile_id )
info = MockLoader . load_profile ( path ) . info
info [ :controls ] [ 0 ] [ :code ] . must_equal code
info [ :controls ] [ 0 ] [ :source_location ] . must_equal loc
end
it 'gets code on tgz profiles' do
path = MockLoader . profile_tgz ( profile_id )
info = MockLoader . load_profile ( path ) . info
info [ :controls ] [ 0 ] [ :code ] . must_equal code
info [ :controls ] [ 0 ] [ :source_location ] . must_equal loc
end
end
2015-12-22 14:18:09 +00:00
describe 'when checking' do
2016-01-16 15:27:28 +00:00
describe 'an empty profile' do
let ( :profile_id ) { 'empty-metadata' }
it 'prints loads of warnings' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
2016-02-21 21:12:02 +00:00
logger . expect :error , nil , [ " Missing profile version in inspec.yml " ]
logger . expect :warn , nil , [ " Missing profile summary in inspec.yml " ]
logger . expect :warn , nil , [ " Missing profile maintainer in inspec.yml " ]
logger . expect :warn , nil , [ " Missing profile copyright in inspec.yml " ]
2017-05-29 22:16:09 +00:00
logger . expect :warn , nil , [ " Missing profile license in inspec.yml " ]
2016-01-16 15:27:28 +00:00
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
2016-02-17 10:17:43 +00:00
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
2016-02-04 17:46:23 +00:00
# verify logger output
2016-01-16 15:27:28 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal false
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
2017-02-13 18:04:46 +00:00
result [ :summary ] [ :profile ] . must_match ( / tests from .*empty-metadata / )
2016-02-04 17:46:23 +00:00
result [ :summary ] [ :controls ] . must_equal 0
2017-02-13 18:04:46 +00:00
result [ :errors ] . length . must_equal 1
2017-11-09 11:32:54 +00:00
result [ :warnings ] . length . must_equal 5
2016-01-16 15:27:28 +00:00
end
end
2018-07-05 19:37:18 +00:00
2016-01-16 14:33:07 +00:00
describe 'an empty profile (legacy mode)' do
let ( :profile_id ) { 'legacy-empty-metadata' }
2015-12-22 14:18:09 +00:00
it 'prints loads of warnings' do
2016-01-16 14:33:07 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
2016-02-04 17:05:40 +00:00
logger . expect :warn , nil , [ 'The use of `metadata.rb` is deprecated. Use `inspec.yml`.' ]
2016-02-21 21:12:02 +00:00
logger . expect :error , nil , [ " Missing profile version in metadata.rb " ]
logger . expect :warn , nil , [ " Missing profile summary in metadata.rb " ]
logger . expect :warn , nil , [ " Missing profile maintainer in metadata.rb " ]
logger . expect :warn , nil , [ " Missing profile copyright in metadata.rb " ]
2017-05-29 22:16:09 +00:00
logger . expect :warn , nil , [ " Missing profile license in metadata.rb " ]
2015-12-22 14:18:09 +00:00
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
2016-02-17 10:17:43 +00:00
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
2016-02-04 17:46:23 +00:00
# verify logger output
2015-12-22 14:18:09 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal false
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
2017-02-13 18:04:46 +00:00
result [ :summary ] [ :profile ] . must_match ( / tests from .*legacy-empty-metadata / )
2016-02-04 17:46:23 +00:00
result [ :summary ] [ :controls ] . must_equal 0
2017-02-13 18:04:46 +00:00
result [ :errors ] . length . must_equal 1
2017-11-09 11:32:54 +00:00
result [ :warnings ] . length . must_equal 6
2015-12-22 14:18:09 +00:00
end
end
2016-01-16 15:27:28 +00:00
describe 'a complete metadata profile' do
let ( :profile_id ) { 'complete-metadata' }
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( profile_id , { logger : logger } ) }
2016-01-16 15:27:28 +00:00
it 'prints ok messages' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :info , nil , [ 'Metadata OK.' ]
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
2016-02-04 17:46:23 +00:00
result = profile . check
# verify logger output
2016-01-16 15:27:28 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'name'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 1
2016-01-16 15:27:28 +00:00
end
end
2016-01-15 17:45:05 +00:00
describe 'a complete metadata profile (legacy mode)' do
2016-01-16 14:33:07 +00:00
let ( :profile_id ) { 'legacy-complete-metadata' }
2016-02-17 10:17:43 +00:00
let ( :profile ) { MockLoader . load_profile ( profile_id , { logger : logger } ) }
2015-12-22 14:18:09 +00:00
it 'prints ok messages' do
2016-01-16 14:33:07 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
2015-12-28 12:30:42 +00:00
logger . expect :warn , nil , [ 'The use of `metadata.rb` is deprecated. Use `inspec.yml`.' ]
2015-12-22 14:18:09 +00:00
logger . expect :info , nil , [ 'Metadata OK.' ]
2016-02-03 14:42:33 +00:00
# NB we only look at content that is loaded, i.e., there're no empty directories anymore
# logger.expect :warn, nil, ["Profile uses deprecated `test` directory, rename it to `controls`."]
2015-12-22 14:18:09 +00:00
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
2016-02-04 17:46:23 +00:00
result = profile . check
# verify logger output
2015-12-22 14:18:09 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'name'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 2
2015-12-22 14:18:09 +00:00
end
2016-01-15 17:45:05 +00:00
it 'doesnt have constraints on supported systems' do
2016-04-16 22:09:28 +00:00
profile . metadata . params [ :supports ] . must_equal ( [ ] )
2016-01-15 17:45:05 +00:00
end
2015-12-22 14:18:09 +00:00
end
2016-01-07 23:16:07 +00:00
describe 'a complete metadata profile with controls' do
2016-01-16 14:33:07 +00:00
let ( :profile_id ) { 'complete-profile' }
2016-01-11 04:59:57 +00:00
2016-04-20 04:50:18 +00:00
it 'prints ok messages and counts the controls' do
2016-01-16 14:33:07 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
2016-01-11 04:59:57 +00:00
logger . expect :info , nil , [ 'Metadata OK.' ]
2016-02-04 17:05:40 +00:00
logger . expect :info , nil , [ 'Found 1 controls.' ]
logger . expect :info , nil , [ 'Control definitions OK.' ]
2016-01-11 04:59:57 +00:00
2016-02-17 10:17:43 +00:00
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
2016-02-04 17:46:23 +00:00
# verify logger output
2016-01-11 04:59:57 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'complete'
result [ :summary ] [ :controls ] . must_equal 1
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 0
2016-01-11 04:59:57 +00:00
end
2016-01-07 23:16:07 +00:00
end
2016-02-03 14:42:33 +00:00
describe 'a complete metadata profile with controls in a tarball' do
let ( :profile_id ) { 'complete-profile' }
2016-02-17 10:17:43 +00:00
let ( :profile_path ) { MockLoader . profile_tgz ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
2016-02-03 14:42:33 +00:00
2016-04-20 04:50:18 +00:00
it 'prints ok messages and counts the controls' do
2016-02-03 14:42:33 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :info , nil , [ 'Metadata OK.' ]
2016-02-04 17:05:40 +00:00
logger . expect :info , nil , [ 'Found 1 controls.' ]
logger . expect :info , nil , [ 'Control definitions OK.' ]
2016-02-03 14:42:33 +00:00
2016-02-17 10:17:43 +00:00
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
2016-02-04 17:46:23 +00:00
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'complete'
result [ :summary ] [ :controls ] . must_equal 1
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 0
2016-02-03 14:42:33 +00:00
end
end
describe 'a complete metadata profile with controls in zipfile' do
let ( :profile_id ) { 'complete-profile' }
2016-02-17 10:17:43 +00:00
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
2016-02-03 14:42:33 +00:00
2016-04-20 04:50:18 +00:00
it 'prints ok messages and counts the controls' do
2016-02-03 14:42:33 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :info , nil , [ 'Metadata OK.' ]
2016-02-04 17:05:40 +00:00
logger . expect :info , nil , [ 'Found 1 controls.' ]
logger . expect :info , nil , [ 'Control definitions OK.' ]
2016-02-03 14:42:33 +00:00
2016-02-17 10:17:43 +00:00
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
2016-02-04 17:46:23 +00:00
# verify logger output
2016-02-03 14:42:33 +00:00
logger . verify
2016-02-04 17:46:23 +00:00
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'complete'
result [ :summary ] [ :controls ] . must_equal 1
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 0
2016-02-03 14:42:33 +00:00
end
end
2017-05-18 12:20:10 +00:00
describe 'a complete metadata profile with controls in zipfile' do
let ( :profile_id ) { 'complete-profile' }
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
it 'prints ok messages and counts the controls' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :info , nil , [ 'Metadata OK.' ]
logger . expect :info , nil , [ 'Found 1 controls.' ]
logger . expect :info , nil , [ 'Control definitions OK.' ]
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'complete'
result [ :summary ] [ :controls ] . must_equal 1
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 0
end
end
describe 'shows error if version is invalid' do
let ( :profile_id ) { 'invalid-version' }
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
it 'prints ok messages and counts the controls' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
logger . expect :error , nil , [ 'Version needs to be in SemVer format' ]
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal false
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'invalid-version'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 1
result [ :warnings ] . length . must_equal 1
end
end
2017-05-29 22:16:09 +00:00
2017-11-09 11:32:54 +00:00
describe 'a profile with a slash in the name' do
let ( :profile_path ) { 'slash-in-name/not-allowed' } # Slashes allowed here
let ( :profile_name ) { 'slash-in-name/not-allowed' } # But not here
2018-07-05 19:37:18 +00:00
it 'issues an error' do
2017-11-09 11:32:54 +00:00
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_path } " ]
2018-07-05 19:37:18 +00:00
logger . expect :error , nil , [ " The profile name ( #{ profile_name } ) contains a slash which " \
'is not permitted. Please remove all slashes from `inspec.yml`.' ]
2017-11-09 11:32:54 +00:00
logger . expect :info , nil , [ 'Found 1 controls.' ]
2018-07-05 19:37:18 +00:00
logger . expect :info , nil , [ 'Control definitions OK.' ]
2017-11-09 11:32:54 +00:00
result = MockLoader . load_profile ( profile_path , { logger : logger } ) . check
logger . verify
2018-07-05 19:37:18 +00:00
result [ :warnings ] . length . must_equal 0
result [ :errors ] . length . must_equal 1
2017-11-09 11:32:54 +00:00
end
end
2018-07-05 19:37:18 +00:00
2017-05-29 22:16:09 +00:00
describe 'shows warning if license is invalid' do
let ( :profile_id ) { 'license-invalid' }
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
it 'prints ok messages and counts the controls' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :warn , nil , [ " License 'Invalid License Name' needs to be in SPDX format. See https://spdx.org/licenses/. " ]
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
logger . expect :info , nil , [ " Metadata OK. " ]
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'license-invalid'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 2
end
describe 'shows no warning if license is spdx' do
let ( :profile_id ) { 'license-spdx' }
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
it 'prints ok messages and counts the controls' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
logger . expect :info , nil , [ " Metadata OK. " ]
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'license-spdx'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 1
end
end
describe 'accepts proprietary license' do
let ( :profile_id ) { 'license-proprietary' }
let ( :profile_path ) { MockLoader . profile_zip ( profile_id ) }
let ( :profile ) { MockLoader . load_profile ( profile_path , { logger : logger } ) }
it 'prints ok messages and counts the controls' do
logger . expect :info , nil , [ " Checking profile in #{ home } /mock/profiles/ #{ profile_id } " ]
logger . expect :warn , nil , [ 'No controls or tests were defined.' ]
logger . expect :info , nil , [ " Metadata OK. " ]
result = MockLoader . load_profile ( profile_id , { logger : logger } ) . check
# verify logger output
logger . verify
# verify hash result
result [ :summary ] [ :valid ] . must_equal true
result [ :summary ] [ :location ] . must_equal " #{ home } /mock/profiles/ #{ profile_id } "
result [ :summary ] [ :profile ] . must_equal 'license-proprietary'
result [ :summary ] [ :controls ] . must_equal 0
result [ :errors ] . length . must_equal 0
result [ :warnings ] . length . must_equal 1
end
end
end
2015-12-22 14:18:09 +00:00
end
2015-10-26 21:51:21 +00:00
end