inspec/lib/plugins/inspec-compliance/test/unit/target_test.rb

require "minitest/autorun"
require "mocha/minitest"
require_relative "../../lib/inspec-compliance/api"

describe InspecPlugins::Compliance::Fetcher do
  let(:config) { { "server" => "myserver" } }

  describe "the check_compliance_token method" do
    let(:fetcher) { InspecPlugins::Compliance::Fetcher.new("a/bad/url", config) }

    it "returns without error if token is set" do
      config["token"] = "my-token"
      fetcher.class.check_compliance_token("http://test.com", config)
    end

    it "returns an error when token is not set" do
      ex = assert_raises(Inspec::FetcherFailure) { fetcher.class.check_compliance_token("http://test.com", config) }
      _(ex.message).must_include "Cannot fetch http://test.com because your automate2 token has not been\nconfigured."
    end
  end

  describe "when the server is an automate2 server" do

    it "returns the correct owner and profile name" do
      config["profile"] = ["admin", "ssh-baseline", nil]
      fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profile", config)
      _(fetcher.send(:compliance_profile_name)).must_equal "admin/ssh-baseline"
    end
  end

  describe "when the server calls an automate profile" do
    let(:profiles_result) do
      [{ "name" => "ssh-baseline",
         "title" => "InSpec Profile",
         "maintainer" => "The Authors",
         "copyright" => "The Authors",
         "copyright_email" => "you@example.com",
         "license" => "Apache-2.0",
         "summary" => "An InSpec Compliance Profile",
         "version" => "0.1.1",
         "owner" => "admin",
         "supports" => [],
         "depends" => [],
         "sha256" => "132j1kjdasfasdoaefaewo12312",
         "groups" => [],
         "controls" => [],
         "attributes" => [],
         "latest_version" => "" }]
    end
    before do
      InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })
    end

    it "returns the correct profile name when parsing url" do
      InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
      fetcher = InspecPlugins::Compliance::Fetcher.resolve("compliance://admin/ssh-baseline")
      assert = ["admin", "ssh-baseline", nil]
      _(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
    end

    it "returns the correct profile name when parsing compliance hash" do
      InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
      hash = {
        target: "https://a2.instance.com/api/v0/compliance/tar",
        compliance: "admin/ssh-baseline",
        sha256: "132j1kjdasfasdoaefaewo12312",
      }
      fetcher = InspecPlugins::Compliance::Fetcher.resolve(hash)
      assert = ["admin", "ssh-baseline", nil]
      _(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
    end
  end

  describe "when the server provides a sha256 in the profiles_result" do
    let(:profiles_result) do
      [{ "name" => "ssh-baseline",
         "title" => "InSpec Profile",
         "maintainer" => "The Authors",
         "copyright" => "The Authors",
         "copyright_email" => "you@example.com",
         "license" => "Apache-2.0",
         "summary" => "An InSpec Compliance Profile",
         "version" => "0.1.1",
         "owner" => "admin",
         "supports" => [],
         "depends" => [],
         "sha256" => "132j1kjdasfasdoaefaewo12312",
         "groups" => [],
         "controls" => [],
         "attributes" => [],
         "latest_version" => "" }]
    end

    before do
      InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })
    end

    it "contains the upstream_sha256" do
      InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
      prof = profiles_result[0]
      target = "compliance://#{prof["owner"]}/#{prof["name"]}"
      fetcher = InspecPlugins::Compliance::Fetcher.resolve(target)
      _(fetcher.upstream_sha256).must_equal prof["sha256"]
    end
  end
end
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`require "minitest/autorun"`
Found and fixed more mocha/setup deprecations. This level of duplication is not good. Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-12-31 23:46:47 +00:00			`require "mocha/minitest"`
Apply chefstyle -a, and manually remove duplicate requires Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> 2020-12-18 16:49:35 +00:00			`require_relative "../../lib/inspec-compliance/api"`
Raise exception if profile target URL cannot be parsed When attempting to parse the profile out of the target URL, we were not raising an exception if we failed to do so. Such a situation could arise if a user's inspec config.json is incorrect either due to manual editing or failure to re-login after an upgrade past Automate 0.8.0. This change provides a clear exception if this occurs and also adds tests for the compliance_profile_name method. Signed-off-by: Adam Leff <adam@leff.co> 2017-05-26 19:30:37 +00:00
Move compliance to v2 plugin (#3423) * Move compliance pluging to v2 system. * Update kitchen-inspec to test. * Add legacy require patsh. * Fix unit test Signed-off-by: Jared Quick <jquick@chef.io> 2018-10-04 18:31:39 +00:00			`describe InspecPlugins::Compliance::Fetcher do`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`let(:config) { { "server" => "myserver" } }`
Raise exception if profile target URL cannot be parsed When attempting to parse the profile out of the target URL, we were not raising an exception if we failed to do so. Such a situation could arise if a user's inspec config.json is incorrect either due to manual editing or failure to re-login after an upgrade past Automate 0.8.0. This change provides a clear exception if this occurs and also adds tests for the compliance_profile_name method. Signed-off-by: Adam Leff <adam@leff.co> 2017-05-26 19:30:37 +00:00
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`describe "the check_compliance_token method" do`
chefstyle -a cleanup Signed-off-by: Miah Johnson <miah@chia-pet.org> 2019-05-31 21:59:06 +00:00			`let(:fetcher) { InspecPlugins::Compliance::Fetcher.new("a/bad/url", config) }`
Fix the compliance target error checks. (#3392) Signed-off-by: Jared Quick <jquick@chef.io> 2018-09-13 17:06:02 +00:00
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "returns without error if token is set" do`
			`config["token"] = "my-token"`
			`fetcher.class.check_compliance_token("http://test.com", config)`
Fix the compliance target error checks. (#3392) Signed-off-by: Jared Quick <jquick@chef.io> 2018-09-13 17:06:02 +00:00			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "returns an error when token is not set" do`
			`ex = assert_raises(Inspec::FetcherFailure) { fetcher.class.check_compliance_token("http://test.com", config) }`
Removed support for compliance and a1 server from inspec compliance Signed-off-by: Nikita Mathur <nikita.mathur@chef.io> 2021-05-20 11:42:21 +00:00			`_(ex.message).must_include "Cannot fetch http://test.com because your automate2 token has not been\nconfigured."`
Fix the compliance target error checks. (#3392) Signed-off-by: Jared Quick <jquick@chef.io> 2018-09-13 17:06:02 +00:00			`end`
			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`describe "when the server is an automate2 server" do`
Fix the A2 vendoring with depends on the A2 server. (#3022) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-04 16:25:40 +00:00
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "returns the correct owner and profile name" do`
			`config["profile"] = ["admin", "ssh-baseline", nil]`
			`fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profile", config)`
First pass at cleaning deprecations for old minitest/spec-style tests. 3 files left to go, and they're behaving oddly so I'm leaving them out in this pass. Looks like 21 deprecations left. Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-09-30 22:31:55 +00:00			`_(fetcher.send(:compliance_profile_name)).must_equal "admin/ssh-baseline"`
Fix the A2 vendoring with depends on the A2 server. (#3022) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-04 16:25:40 +00:00			`end`
			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`describe "when the server calls an automate profile" do`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`let(:profiles_result) do`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`[{ "name" => "ssh-baseline",`
			`"title" => "InSpec Profile",`
			`"maintainer" => "The Authors",`
			`"copyright" => "The Authors",`
			`"copyright_email" => "you@example.com",`
			`"license" => "Apache-2.0",`
			`"summary" => "An InSpec Compliance Profile",`
			`"version" => "0.1.1",`
			`"owner" => "admin",`
			`"supports" => [],`
			`"depends" => [],`
			`"sha256" => "132j1kjdasfasdoaefaewo12312",`
			`"groups" => [],`
			`"controls" => [],`
			`"attributes" => [],`
			`"latest_version" => "" }]`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`end`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`before do`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "returns the correct profile name when parsing url" do`
			`InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])`
			`fetcher = InspecPlugins::Compliance::Fetcher.resolve("compliance://admin/ssh-baseline")`
			`assert = ["admin", "ssh-baseline", nil]`
First pass at cleaning deprecations for old minitest/spec-style tests. 3 files left to go, and they're behaving oddly so I'm leaving them out in this pass. Looks like 21 deprecations left. Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-09-30 22:31:55 +00:00			`_(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "returns the correct profile name when parsing compliance hash" do`
			`InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`hash = {`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`target: "https://a2.instance.com/api/v0/compliance/tar",`
			`compliance: "admin/ssh-baseline",`
			`sha256: "132j1kjdasfasdoaefaewo12312",`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`}`
Move compliance to v2 plugin (#3423) * Move compliance pluging to v2 system. * Update kitchen-inspec to test. * Add legacy require patsh. * Fix unit test Signed-off-by: Jared Quick <jquick@chef.io> 2018-10-04 18:31:39 +00:00			`fetcher = InspecPlugins::Compliance::Fetcher.resolve(hash)`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`assert = ["admin", "ssh-baseline", nil]`
First pass at cleaning deprecations for old minitest/spec-style tests. 3 files left to go, and they're behaving oddly so I'm leaving them out in this pass. Looks like 21 deprecations left. Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-09-30 22:31:55 +00:00			`_(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert`
Add A2 support for profile compliance depends. (#3014) Signed-off-by: Jared Quick <jquick@chef.io> 2018-05-03 18:07:53 +00:00			`end`
			`end`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`describe "when the server provides a sha256 in the profiles_result" do`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`let(:profiles_result) do`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`[{ "name" => "ssh-baseline",`
			`"title" => "InSpec Profile",`
			`"maintainer" => "The Authors",`
			`"copyright" => "The Authors",`
			`"copyright_email" => "you@example.com",`
			`"license" => "Apache-2.0",`
			`"summary" => "An InSpec Compliance Profile",`
			`"version" => "0.1.1",`
			`"owner" => "admin",`
			`"supports" => [],`
			`"depends" => [],`
			`"sha256" => "132j1kjdasfasdoaefaewo12312",`
			`"groups" => [],`
			`"controls" => [],`
			`"attributes" => [],`
			`"latest_version" => "" }]`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`end`

			`before do`
blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`end`

blindly applied chefstyle -a Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-06-11 22:24:35 +00:00			`it "contains the upstream_sha256" do`
			`InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`prof = profiles_result[0]`
chefstyle -a; https://github.com/chef/chefstyle/pull/74 Signed-off-by: Miah Johnson <miah@chia-pet.org> 2019-07-09 00:20:30 +00:00			`target = "compliance://#{prof["owner"]}/#{prof["name"]}"`
Move compliance to v2 plugin (#3423) * Move compliance pluging to v2 system. * Update kitchen-inspec to test. * Add legacy require patsh. * Fix unit test Signed-off-by: Jared Quick <jquick@chef.io> 2018-10-04 18:31:39 +00:00			`fetcher = InspecPlugins::Compliance::Fetcher.resolve(target)`
First pass at cleaning deprecations for old minitest/spec-style tests. 3 files left to go, and they're behaving oddly so I'm leaving them out in this pass. Looks like 21 deprecations left. Signed-off-by: Ryan Davis <zenspider@chef.io> 2019-09-30 22:31:55 +00:00			`_(fetcher.upstream_sha256).must_equal prof["sha256"]`
Cached profiles with Compliance Fetcher (#3221) * Leverage existance check in Compliance::Fetcher.resolve to not re-download locally cached profiles * Move logic from Compliance::API.exist? to Compliance::API.profiles to reuse code in cases where we need to access profiles' metadata directly. * Declare @upstream_sha256 if target is a string * Handle other fetchers that don't support upstream_sha256 within Inspec::CachedFetcher.initialize * Add initialize for Compliance::Fetcher to not pollute Fetchers::Url with its logic * Add Compliance::Fetcher.sha256 to leverage upstream_sha256 instead of relying on inherited method from Fetchers::Url * Revert changes to cached fetcher that are unnecessary after refactor * Pacify the god of ruby syntax * Move Compliance::API.profiles filtering logic to end of method to leverage normalization of mapped_profiles * Add and update unit tests to support caching with Compliance::Fetcher.upstream_sha256 Signed-off-by: Josh Hudson <jhudson@chef.io> 2018-08-28 13:11:38 +00:00			`end`
			`end`
Raise exception if profile target URL cannot be parsed When attempting to parse the profile out of the target URL, we were not raising an exception if we failed to do so. Such a situation could arise if a user's inspec config.json is incorrect either due to manual editing or failure to re-login after an upgrade past Automate 0.8.0. This change provides a clear exception if this occurs and also adds tests for the compliance_profile_name method. Signed-off-by: Adam Leff <adam@leff.co> 2017-05-26 19:30:37 +00:00			`end`