2021-03-23 10:49:12 +00:00
require " functional/helper "
require " fileutils "
require " tmpdir "
2019-06-14 14:55:32 +00:00
2021-03-23 10:49:12 +00:00
describe " running profiles with git-based dependencies " do
2019-06-14 14:55:32 +00:00
include FunctionalHelper
let ( :git_profiles ) { " #{ profile_path } /git-fetcher " }
2021-03-23 10:49:12 +00:00
let ( :git_default_main_profile_url ) { " https://github.com/inspec/inspec-test-profile-default-main.git " }
2019-06-14 14:55:32 +00:00
2021-03-22 12:50:37 +00:00
attr_accessor :out
def inspec ( commandline , prefix = nil )
@stdout = @stderr = nil
self . out = super
end
def stdout
@stdout || = out . stdout
. force_encoding ( Encoding :: UTF_8 )
. gsub ( / \ e \ [( \ d+)(; \ d+)*m / , " " ) # strip ANSI color codes
end
def stderr
@stderr || = out . stderr
. force_encoding ( Encoding :: UTF_8 )
. gsub ( / \ e \ [( \ d+)(; \ d+)*m / , " " ) # strip ANSI color codes
end
2019-06-14 14:55:32 +00:00
#======================================================================#
# Git Repo Setup
#======================================================================#
2021-03-23 10:49:12 +00:00
fixture_repos = %w{ basic-local git-repo-01 }
2019-06-14 14:55:32 +00:00
before ( :all ) do
2020-06-03 08:38:10 +00:00
skip_windows! # Right now, this is due to symlinking, break executes on L24 <nickchecked>
2020-08-17 12:27:58 +00:00
# Stacktrace on windows machine:
# Error:
# running profiles with git-based dependencies::running a profile with an ./ relative path dependency#test_0001_should find the top-level profile in the git-referenced child profile and execute that:
# Errno::ENOENT: No such file or directory @ apply2files - C:/Users/some/path/inspec/inspec/test/fixtures/profiles/git-fetcher/basic-local/.git
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:1437:in `unlink'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:1437:in `block in remove_file'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:1445:in `platform_support'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:1436:in `remove_file'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:775:in `remove_file'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:562:in `block in rm'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:561:in `each'
# C:/Ruby/lib/ruby/2.6.0/fileutils.rb:561:in `rm'
# C:/Users/some/path/inspec/inspec/test/functional/git_fetcher_test.rb:31:in `block (3 levels) in <top (required)>'
# C:/Users/some/path/inspec/inspec/test/functional/git_fetcher_test.rb:29:in `each'
# C:/Users/some/path/inspec/inspec/test/functional/git_fetcher_test.rb:29:in `block (2 levels) in <top (required)>'"
2019-06-14 14:55:32 +00:00
# We need a git repo for some of the profile test fixtures,
# but we can't store those directly in git.
# Here, one approach is to store the .git/ directory under a
# different name and then symlink to its proper name.
fixture_repos . each do | profile_name |
link_src = " #{ git_profiles } / #{ profile_name } /git-fixture "
link_dst = " #{ git_profiles } / #{ profile_name } /.git "
FileUtils . ln_sf ( link_src , link_dst ) # -f to tolerate existing links created during manual testing
end
end
after ( :all ) do
fixture_repos . each do | profile_name |
link = " #{ git_profiles } / #{ profile_name } /.git "
FileUtils . rm ( link )
end
end
2019-06-18 16:52:25 +00:00
#======================================================================#
# Custom Local Assertions
#======================================================================#
def assert_relative_fetch_works ( profile_name , expected_profiles , expected_controls )
run_result = run_inspec_process ( " exec #{ git_profiles } / #{ profile_name } " , json : true )
assert_empty run_result . stderr
2019-10-21 23:13:03 +00:00
assert_json_controls_passing ( run_result )
2019-06-18 16:52:25 +00:00
# Should know about the top-level profile and the child profile
2021-03-23 10:49:12 +00:00
assert_equal expected_profiles , ( @json [ " profiles " ] . map { | p | p [ " name " ] } )
2019-06-18 16:52:25 +00:00
2021-03-23 10:49:12 +00:00
controls = @json [ " profiles " ] . map { | p | p [ " controls " ] } . flatten . map { | c | c [ " id " ] } . uniq
2019-06-18 16:52:25 +00:00
# Should have controls from the top-level and included child profile
expected_controls . each { | control | assert_includes controls , control }
# should not have controls from the profile defined at the top of the repo of the child profile
2021-03-23 10:49:12 +00:00
refute_includes controls , " red-dye "
2019-06-18 16:52:25 +00:00
end
2019-06-14 14:55:32 +00:00
#======================================================================#
# Basic Git Fetching
#======================================================================#
2021-03-23 10:49:12 +00:00
describe " running a profile with a basic local dependency " do
it " should work on a local checkout " do
2019-06-14 14:55:32 +00:00
run_result = run_inspec_process ( " exec #{ git_profiles } /basic-local " , json : true )
assert_empty run_result . stderr
2019-10-21 23:13:03 +00:00
assert_json_controls_passing ( run_result )
2019-06-14 14:55:32 +00:00
end
end
# describe "running a profile with a basic remote dependency"
2019-06-18 16:52:25 +00:00
# TODO: move private SSH+git test from inspec_exec_test to here
2019-06-14 14:55:32 +00:00
#======================================================================#
# Revision Selection
#======================================================================#
2019-06-21 02:12:16 +00:00
# NOTE: test branch, rev, and tag capabilities are (lighty) tested in unit tests
2019-06-14 14:55:32 +00:00
#======================================================================#
# Relative Path Support
#======================================================================#
#------------ Happy Cases for Relative Path Support -------------------#
2021-03-23 10:49:12 +00:00
describe " running a profile with a shallow relative path dependency " do
it " should find the relative path profile and execute exactly those controls " do
assert_relative_fetch_works ( " relative-shallow " , %w{ relative-shallow child-01 } , %w{ top-level-01 child-01 } )
2019-06-17 17:25:19 +00:00
end
end
2019-06-18 16:28:26 +00:00
2021-03-23 10:49:12 +00:00
describe " running a profile with a deep relative path dependency " do
it " should find the relative path profile and execute exactly those controls " do
assert_relative_fetch_works ( " relative-deep " , %w{ relative-deep child-02 } , %w{ relative-deep-01 child-02 } )
2019-06-18 16:52:25 +00:00
end
end
2019-06-18 16:28:26 +00:00
2021-03-23 10:49:12 +00:00
describe " running a profile with a combination of relative path dependencies " do
it " should find the relative path profiles and execute exactly those controls " do
2019-06-18 16:52:25 +00:00
assert_relative_fetch_works (
2021-03-23 10:49:12 +00:00
" relative-combo " ,
%w{ relative-combo child-01 child-02 } ,
%w{ relative-combo-01 child-01 child-02 }
2019-06-18 16:52:25 +00:00
)
2019-06-18 16:28:26 +00:00
end
end
2019-06-14 14:55:32 +00:00
#------------ Edge Cases for Relative Path Support -------------------#
2019-06-18 19:22:14 +00:00
2019-06-18 17:13:05 +00:00
describe " running a profile with an '' relative path dependency " do
2021-03-23 10:49:12 +00:00
it " should find the top-level profile in the git-referenced child profile and execute that " do
2021-03-23 11:12:41 +00:00
assert_relative_fetch_works ( " relative-empty " , %w{ relative-empty basic-local } , %w{ relative-empty-01 basic-local-01 } )
2019-06-18 17:13:05 +00:00
end
end
2021-03-23 10:49:12 +00:00
describe " running a profile with an ./ relative path dependency " do
it " should find the top-level profile in the git-referenced child profile and execute that " do
2021-03-23 11:12:41 +00:00
assert_relative_fetch_works ( " relative-dot-slash " , %w{ relative-dot-slash basic-local } , %w{ relative-dot-slash-01 basic-local-01 } )
2019-06-18 19:22:14 +00:00
end
end
2021-03-23 10:49:12 +00:00
describe " running a profile with a relative path dependency that does not exist " do
it " should fail gracefully " do
2019-06-18 22:06:51 +00:00
run_result = run_inspec_process ( " exec #{ git_profiles } /relative-nonesuch " )
assert_empty run_result . stdout
2021-03-23 10:49:12 +00:00
refute_includes run_result . stderr , " Errno::ENOENT " # No ugly file missing error
2019-06-18 22:06:51 +00:00
assert_equal 1 , run_result . stderr . lines . count # Not a giant stacktrace
# Spot check important parts of the message
2021-03-23 10:49:12 +00:00
assert_includes run_result . stderr , " Cannot find relative path "
assert_includes run_result . stderr , " no/such/path " # the actual missing path
assert_includes run_result . stderr , " profile in git repo "
2019-06-18 22:06:51 +00:00
# The containing git repo (the only identifier the user will have)
2021-03-23 10:49:12 +00:00
assert_includes run_result . stderr , " test/fixtures/profiles/git-fetcher/git-repo-01 "
2019-06-21 02:12:16 +00:00
assert_exit_code ( 1 , run_result ) # General user error
2019-06-18 22:06:51 +00:00
end
end
2021-03-22 12:50:37 +00:00
#------------ Happy Case for default branch GIT fetching -------------------#
2021-03-23 10:49:12 +00:00
describe " running a remote GIT profile " do
it " should use default HEAD branch " do
inspec ( " exec #{ git_default_main_profile_url } " )
2021-03-22 12:50:37 +00:00
assert_empty stderr
2022-03-11 07:24:47 +00:00
assert_includes stdout , " Profile: InSpec Profile (default-main) "
2021-03-22 12:50:37 +00:00
assert_includes stdout , " Profile Summary: 1 successful control, 0 control failures, 0 controls skipped \n "
assert_includes stdout , " Test Summary: 2 successful, 0 failures, 0 skipped \n "
assert_exit_code 0 , out
end
end
2023-08-31 14:36:24 +00:00
describe " running a remote GIT profile from directory which does not have .git directory " do
it " should use default HEAD branch " do
Dir . mktmpdir do | temp_dir_path |
Dir . chdir ( temp_dir_path ) do
inspec ( " exec #{ git_default_main_profile_url } " )
assert_empty stderr
end
end
end
end
2019-06-14 14:55:32 +00:00
end
