2019-06-11 22:24:35 +00:00
|
|
|
require "functional/helper"
|
|
|
|
require "tmpdir"
|
2016-11-09 14:41:48 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "example inheritance profile" do
|
2016-11-09 14:41:48 +00:00
|
|
|
include FunctionalHelper
|
|
|
|
|
2019-09-17 00:40:51 +00:00
|
|
|
parallelize_me!
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can vendor profile dependencies" do
|
|
|
|
prepare_examples("inheritance") do |dir|
|
|
|
|
out = inspec("vendor " + dir + " --overwrite")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout).must_include "Dependencies for profile #{dir} successfully vendored to #{dir}/vendor"
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2017-06-12 12:01:26 +00:00
|
|
|
end
|
2016-11-09 14:41:48 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can vendor profile dependencies with a relative path" do
|
|
|
|
prepare_examples("inheritance") do |dir|
|
|
|
|
relative_path = File.join(dir, "../", File.basename(dir))
|
|
|
|
out = inspec("vendor " + relative_path + " --overwrite")
|
2018-09-14 00:19:02 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
|
|
|
_(Dir.glob(File.join(dir, "vendor", "*"))).wont_be_empty
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-09-14 00:19:02 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can vendor profile dependencies with a backslash in path on Windows" do
|
2018-09-14 00:19:02 +00:00
|
|
|
return unless is_windows?
|
2019-07-09 00:20:30 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
prepare_examples("inheritance") do |dir|
|
2018-09-14 00:19:02 +00:00
|
|
|
dir_with_backslash = File.join(dir, '..\\', File.basename(dir))
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + dir_with_backslash + " --overwrite")
|
2018-09-14 00:19:02 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
|
|
|
_(Dir.glob(File.join(dir, "vendor", "*"))).wont_be_empty
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-09-14 00:19:02 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can vendor profile dependencies from the profile path" do
|
|
|
|
prepare_examples("inheritance") do |dir|
|
|
|
|
out = inspec("vendor --overwrite", "cd #{dir} &&")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2018-02-13 14:04:30 +00:00
|
|
|
# this fixes the osx /var symlink to /private/var causing this test to fail
|
2019-06-11 22:24:35 +00:00
|
|
|
out.stdout.gsub!("/private/var", "/var")
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout).must_include "Dependencies for profile #{dir} successfully vendored to #{dir}/vendor"
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2016-11-29 23:12:47 +00:00
|
|
|
end
|
2016-11-09 14:41:48 +00:00
|
|
|
end
|
2016-11-09 17:12:22 +00:00
|
|
|
|
2019-06-14 15:03:06 +00:00
|
|
|
it "can vendor profile dependencies from git" do
|
|
|
|
git_depends_path = File.join(profile_path, "git-fetcher", "basic")
|
2018-05-31 17:53:14 +00:00
|
|
|
|
|
|
|
Dir.mktmpdir do |tmpdir|
|
2019-06-11 22:24:35 +00:00
|
|
|
FileUtils.cp_r(git_depends_path + "/.", tmpdir)
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(tmpdir, "vendor"))).must_equal false
|
2018-05-31 17:53:14 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + tmpdir + " --overwrite")
|
2018-05-31 17:53:14 +00:00
|
|
|
|
2019-07-25 00:26:11 +00:00
|
|
|
skip_windows!
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout).must_include "Dependencies for profile #{tmpdir} successfully vendored to #{tmpdir}/vendor"
|
2018-05-31 17:53:14 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(tmpdir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(tmpdir, "inspec.lock"))).must_equal true
|
2018-07-05 17:54:53 +00:00
|
|
|
# Check that our vendor directory exists
|
2019-09-30 22:31:55 +00:00
|
|
|
_(Dir.glob(File.join(tmpdir, "vendor", "*")).length).must_equal 1
|
2018-07-05 17:54:53 +00:00
|
|
|
# Check that our vendor directory has contents
|
2019-09-30 22:31:55 +00:00
|
|
|
_(Dir.glob(File.join(tmpdir, "vendor", "*", "*")).length).must_be :>=, 8
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-05-31 17:53:14 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "ensure nothing is loaded from external source if vendored profile is used" do
|
|
|
|
prepare_examples("meta-profile") do |dir|
|
|
|
|
out = inspec("vendor " + dir + " --overwrite")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-07-23 01:44:43 +00:00
|
|
|
# TODO: split
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("exec " + dir + " -l debug --no-create-lockfile")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout).must_include 'Using cached dependency for {:url=>"https://github.com/dev-sec/ssh-baseline/archive/master.tar.gz"'
|
|
|
|
_(out.stdout).must_include 'Using cached dependency for {:url=>"https://github.com/dev-sec/ssl-baseline/archive/master.tar.gz"'
|
|
|
|
_(out.stdout).must_include 'Using cached dependency for {:url=>"https://github.com/chris-rock/windows-patch-benchmark/archive/master.tar.gz"'
|
|
|
|
_(out.stdout).wont_include "Fetching URL:"
|
|
|
|
_(out.stdout).wont_include "Fetched archive moved to:"
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-07-25 01:59:01 +00:00
|
|
|
skip_windows!
|
2019-07-23 01:44:43 +00:00
|
|
|
assert_exit_code 100, out
|
2016-11-29 23:12:47 +00:00
|
|
|
end
|
2016-11-09 17:12:22 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "ensure json/check command do not fetch remote profiles if vendored" do
|
|
|
|
prepare_examples("profile") do |dir|
|
|
|
|
out = inspec("vendor " + dir + " --overwrite")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2016-11-29 12:39:29 +00:00
|
|
|
|
2019-07-23 01:44:43 +00:00
|
|
|
assert_exit_code 0, out
|
2019-04-23 15:45:42 +00:00
|
|
|
|
2019-07-23 01:44:43 +00:00
|
|
|
# TODO: split
|
|
|
|
out = inspec("json " + dir + " --output " + dst.path)
|
2016-11-29 12:39:29 +00:00
|
|
|
|
2017-06-12 12:01:26 +00:00
|
|
|
hm = JSON.load(File.read(dst.path))
|
2019-09-30 22:31:55 +00:00
|
|
|
_(hm["name"]).must_equal "profile"
|
|
|
|
_(hm["controls"].length).must_be :>=, 4
|
2017-06-12 12:01:26 +00:00
|
|
|
|
|
|
|
# out.stdout.scan(/Copy .* to cache directory/).length.must_equal 3
|
|
|
|
# out.stdout.scan(/Dependency does not exist in the cache/).length.must_equal 1
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout.scan(/Fetching URL:/).length).must_equal 0
|
2016-11-29 12:39:29 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
|
|
|
|
|
|
|
# TODO: split
|
2017-06-12 12:01:26 +00:00
|
|
|
# execute check command
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("check " + dir + " -l debug")
|
2016-11-29 12:39:29 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout.scan(/Fetching URL:/).length).must_equal 0
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2017-06-12 12:01:26 +00:00
|
|
|
end
|
2016-11-29 12:39:29 +00:00
|
|
|
end
|
2016-11-29 23:12:47 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "use lockfile in tarball" do
|
|
|
|
prepare_examples("meta-profile") do |dir|
|
2017-06-12 12:01:26 +00:00
|
|
|
# ensure the profile is vendored and packaged as tar
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + dir + " --overwrite")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2018-03-22 12:25:45 +00:00
|
|
|
|
2019-07-23 01:44:43 +00:00
|
|
|
assert_exit_code 0, out
|
|
|
|
|
|
|
|
# TODO: split
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("archive " + dir + " --overwrite")
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-07-23 01:44:43 +00:00
|
|
|
assert_exit_code 0, out
|
|
|
|
|
|
|
|
# TODO: split
|
2017-06-12 12:01:26 +00:00
|
|
|
# execute json command
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("json meta-profile-0.2.0.tar.gz -l debug")
|
2017-06-12 12:01:26 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stdout.scan(/Fetching URL:/).length).must_equal 0
|
|
|
|
_(out.stdout).wont_match(/Fetching URL:/)
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2017-06-12 12:01:26 +00:00
|
|
|
end
|
2016-11-29 23:12:47 +00:00
|
|
|
end
|
2017-12-12 16:28:07 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can move vendor files into custom vendor cache" do
|
|
|
|
prepare_examples("meta-profile") do |dir|
|
|
|
|
out = inspec("vendor " + dir + " --overwrite")
|
2017-12-12 16:28:07 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "inspec.lock"))).must_equal true
|
|
|
|
_(File.exist?(File.join(dir, "vendor_cache"))).must_equal false
|
2017-12-12 16:28:07 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
|
|
|
|
|
|
|
# TODO: split
|
2018-07-05 18:19:41 +00:00
|
|
|
# Run `inspec exec` to create vendor cache
|
2019-06-11 22:24:35 +00:00
|
|
|
inspec("exec " + dir + " --vendor-cache " + dir + "/vendor_cache")
|
2019-07-23 01:44:43 +00:00
|
|
|
# TODO: capture out and test exit/stderr?
|
2017-12-12 16:28:07 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.exist?(File.join(dir, "vendor_cache"))).must_equal true
|
2018-07-05 18:19:41 +00:00
|
|
|
vendor_files = Dir.entries("#{dir}/vendor/").sort
|
|
|
|
vendor_cache_files = Dir.entries("#{dir}/vendor_cache/").sort
|
2019-09-30 22:31:55 +00:00
|
|
|
_(vendor_files).must_equal vendor_cache_files
|
2017-12-12 16:28:07 +00:00
|
|
|
end
|
|
|
|
end
|
2018-09-07 03:28:08 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "vendors profiles when using a local path" do
|
|
|
|
local_depends_path = File.join(profile_path, "local-depends")
|
|
|
|
dir_profile_path = File.join(profile_path, "complete-profile")
|
2018-09-07 03:28:08 +00:00
|
|
|
tar_profile_path = File.join(profile_path,
|
2019-11-07 23:17:22 +00:00
|
|
|
"archived-profiles",
|
|
|
|
"tar_profile-1.0.0.tar.gz")
|
2018-09-07 03:28:08 +00:00
|
|
|
zip_profile_path = File.join(profile_path,
|
2019-11-07 23:17:22 +00:00
|
|
|
"archived-profiles",
|
|
|
|
"zip_profile-1.0.0.zip")
|
2018-09-07 03:28:08 +00:00
|
|
|
|
|
|
|
Dir.mktmpdir do |tmpdir|
|
|
|
|
[dir_profile_path, tar_profile_path, zip_profile_path].each do |profile|
|
|
|
|
included_tmpdir = File.join(tmpdir, File.basename(profile))
|
|
|
|
FileUtils.cp_r(profile, included_tmpdir)
|
|
|
|
end
|
|
|
|
|
|
|
|
profile_tmpdir = File.join(tmpdir, File.basename(local_depends_path))
|
2019-06-11 22:24:35 +00:00
|
|
|
FileUtils.cp_r(local_depends_path + "/.", profile_tmpdir)
|
2018-09-07 03:28:08 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + profile_tmpdir + " --overwrite")
|
2018-09-07 03:28:08 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
vendor_list = Dir.glob(File.join(profile_tmpdir, "vendor", "*"))
|
2019-09-30 22:31:55 +00:00
|
|
|
_(vendor_list.length).must_equal 3
|
2018-09-14 00:19:02 +00:00
|
|
|
vendor_list.each do |entry|
|
|
|
|
# confirm archives were extracted into folders
|
2019-09-30 22:31:55 +00:00
|
|
|
_(File.directory?(entry)).must_equal true
|
|
|
|
_(Dir.glob(File.join(entry, "*")).length).must_be(:>=, 1)
|
2018-09-14 00:19:02 +00:00
|
|
|
end
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-09-07 03:28:08 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "extracts archives in vendor directory when present" do
|
|
|
|
archive_depends_path = File.join(profile_path, "archive-depends")
|
2018-09-07 03:28:08 +00:00
|
|
|
|
|
|
|
Dir.mktmpdir do |tmpdir|
|
2019-06-11 22:24:35 +00:00
|
|
|
FileUtils.cp_r(archive_depends_path + "/.", tmpdir)
|
2018-09-07 03:28:08 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + tmpdir + " --overwrite")
|
2018-09-07 03:28:08 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
Dir.glob(File.join(tmpdir, "vendor", "*")).each do |file|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(file).wont_match(/(\.tar.*$|\.zip$)/)
|
2018-09-07 03:28:08 +00:00
|
|
|
end
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-09-07 03:28:08 +00:00
|
|
|
end
|
|
|
|
end
|
2018-10-05 20:24:26 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "can vendor profile with required inputs" do
|
|
|
|
archive_depends_path = File.join(profile_path, "profile-with-required-inputs")
|
2018-10-05 20:24:26 +00:00
|
|
|
|
|
|
|
Dir.mktmpdir do |tmpdir|
|
2019-06-11 22:24:35 +00:00
|
|
|
FileUtils.cp_r(archive_depends_path + "/.", tmpdir)
|
2018-10-05 20:24:26 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
out = inspec("vendor " + tmpdir)
|
2019-07-23 01:44:43 +00:00
|
|
|
|
2019-09-30 22:31:55 +00:00
|
|
|
_(out.stderr).must_equal ""
|
2019-07-23 01:44:43 +00:00
|
|
|
|
|
|
|
assert_exit_code 0, out
|
2018-10-05 20:24:26 +00:00
|
|
|
end
|
|
|
|
end
|
2016-11-09 14:41:48 +00:00
|
|
|
end
|