Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-15 01:17:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/habitat/plan.sh

86 lines
2.3 KiB
Bash
Raw Normal View History

move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
pkg_name=inspec
pkg_origin=chef
pkg_description="InSpec is an open-source testing framework for infrastructure
with a human- and machine-readable language for specifying compliance,
security and policy requirements."
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
pkg_upstream_url=https://www.inspec.io/
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"
pkg_license=('Apache-2.0')
pkg_deps=(
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/busybox-static
core/cacerts
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
core/coreutils
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
core/libxml2
core/libxslt
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
core/net-tools
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/ruby
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
)
pkg_build_deps=(
core/bundler
core/gcc
core/make
core/readline
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/sed
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
)
pkg_bin_dirs=(bin)
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
pkg_version() {
cat VERSION
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
do_before() {
if [[ ! -f VERSION ]]; then
exit_with "habitat/VERSION not found. Run 'rake release_habitat' to ensure it exists" 1
fi
update_pkg_version
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
do_prepare() {
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# If we use the Gemfile in the project ($SRC_PATH/Gemfile), and run `bundle
# install` (which we do in `do_build` below), Bundler will write out a
# .bundle/config into the $SRC_PATH. If this happens, if you try to use
# InSpec outside of the build process it will fail, since the settings used
# in this plan will be saved in the .bundle/config.
#
# Instead, we build a minimal Gemfile in the $CACHE_PATH and bundle using that.
cat > "$CACHE_PATH/Gemfile" <<GEMFILE
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
source 'https://rubygems.org'
Use RubyGems version for habitat plan In #1820 we made it so inspec would install the checked out source version rather than the version from RubyGems. This actually didn't work (though it wasn't apparent in a development environment) because it used a relative path to bin/inspec that pointed at /src/bin/inspec, which only exists if you're in a Habitat studio started from the InSpec repo. Revert back to getting the gem from RubyGems to avoid this problem and have a working package. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-06-01 21:26:26 +00:00
gem '$pkg_name', '= $pkg_version'
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
GEMFILE
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
export BUNDLE_SILENCE_ROOT_WARNING GEM_HOME GEM_PATH
BUNDLE_SILENCE_ROOT_WARNING=1
build_line "Setting BUNDLE_SILENCE_ROOT_WARNING=$BUNDLE_SILENCE_ROOT_WARNING"
GEM_HOME="$pkg_prefix/vendor/bundle"
build_line "Setting GEM_HOME=$GEM_HOME"
GEM_PATH="$(pkg_path_for bundler):$GEM_HOME"
build_line "Setting GEM_PATH=$GEM_PATH"
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
do_build() {
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
bundle install \
--binstubs "$pkg_prefix/bin" \
--gemfile "$CACHE_PATH/Gemfile" \
--jobs "$(nproc)" \
--path "$pkg_prefix/bundle" \
--retry 5 \
--standalone
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# Delete everything that's not inspec in bin
find "$pkg_prefix/bin" -type f -not -name 'inspec' -delete
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
fix_interpreter "$pkg_prefix/bin/inspec" core/coreutils bin/env
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# Insert the SSL cert path into the inspec executable
sed -i "2iENV['SSL_CERT_FILE'] = '$(pkg_path_for cacerts)/ssl/cert.pem'" \
"$pkg_prefix/bin/inspec"
}
do_install() {
install -m 0644 Gemfile.lock "$pkg_prefix/Gemfile.lock"
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
do_strip() {
return 0
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Reference in a new issue Copy permalink