2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-12-27 13:33:20 +00:00
inspec/lib/vulcano/backend/specinfra.rb

230 lines
5.8 KiB
Ruby
Raw Normal View History

# encoding: utf-8
2015-09-04 07:59:30 +00:00
require 'shellwords'
module Vulcano::Backends
class SpecinfraHelper < Vulcano.backend(1)
name 'specinfra'
def initialize(conf)
@conf = conf
@files = {}
type = @conf['backend'].to_s
reset_backend(type)
configure_shared_options
# configure the given backend, if we can handle it
# e.g. backend = exec ==> try to call configure_exec
# if we don't support it, error out
m = "configure_#{type}"
if self.respond_to?(m.to_sym)
send(m)
else
2015-09-03 21:24:42 +00:00
fail "Cannot configure Specinfra backend #{type}: it isn't supported yet."
end
end
def file(path)
@files[path] ||= File.new(path)
end
def run_command(cmd)
Specinfra::Runner.run_command(cmd)
end
def to_s
'SpecInfra Backend Runner'
end
def reset_backend(type)
# may be less nice, but avoid eval...
case type
when 'exec'
Specinfra::Backend::Exec.instance_variable_set(:@instance, nil)
when 'docker'
Specinfra::Backend::Docker.instance_variable_set(:@instance, nil)
when 'ssh'
Specinfra::Backend::Ssh.instance_variable_set(:@instance, nil)
when 'winrm'
Specinfra::Backend::Winrm.instance_variable_set(:@instance, nil)
end
end
def configure_shared_options
Specinfra::Backend::Cmd.send(:include, Specinfra::Helper::Set)
si = Specinfra.configuration
si.os = nil
if @conf['disable_sudo']
si.disable_sudo = true
else
si.sudo_password = @conf['sudo_password']
si.sudo_options = @conf['sudo_options']
end
end
def configure_docker
host = @conf['host'].to_s
Specinfra.configuration.backend = :docker
Specinfra.configuration.docker_container = host
end
def configure_exec
Specinfra.configuration.backend = :exec
end
def validate_ssh_options(ssh_opts)
unless ssh_opts[:port] > 0
2015-09-03 21:24:42 +00:00
fail "Port must be > 0 (not #{ssh_opts[:port]})"
end
if ssh_opts[:user].to_s.empty?
2015-09-05 14:07:54 +00:00
fail 'User must not be empty.'
end
unless ssh_opts[:keys].empty?
ssh_opts[:auth_methods].push('publickey')
ssh_opts[:keys_only] = true if ssh_opts[:password].nil?
end
unless ssh_opts[:password].nil?
ssh_opts[:auth_methods].push('password')
end
# rubocop:disable Style/GuardClause
if ssh_opts[:keys].empty? and ssh_opts[:password].nil?
2015-09-05 14:07:54 +00:00
fail 'You must configure at least one authentication method' \
': Password or key.'
end
# rubocop:enable Style/GuardClause
end
def configure_ssh
si = Specinfra.configuration
si.backend = :ssh
si.request_pty = true
host = @conf['host'].to_s
fail 'You must configure a target host.' if host.empty?
RSpec.configuration.host = host
ssh_opts = {
port: @conf['port'] || 22,
auth_methods: ['none'],
user_known_hosts_file: '/dev/null',
global_known_hosts_file: '/dev/null',
number_of_password_prompts: 0,
user: @conf['user'],
password: @conf['password'],
keys: [@conf['key_file']].compact,
}
validate_ssh_options(ssh_opts)
si.ssh_options = ssh_opts
end
def winrm_url(conf)
host = conf['host'].to_s
port = conf['port']
fail 'You must configure a target host.' if host.empty?
fail 'Port must be > 0 (not #{port})' unless port > 0
# SSL configuration
if conf['winrm_ssl']
scheme = 'https'
2015-09-04 07:59:30 +00:00
port ||= 5986
else
scheme = 'http'
2015-09-04 07:59:30 +00:00
port ||= 5985
end
"#{scheme}://#{host}:#{port}/wsman"
end
def configure_winrm
si = Specinfra.configuration
si.backend = :winrm
si.os = { family: 'windows' }
# validation
user = conf['user'].to_s
pass = conf['password'].to_s
fail 'You must configure a WinRM user for login.' if user.empty?
fail 'You must configure a WinRM password.' if pass.empty?
# create the connection
endpoint = winrm_url(conf)
winrm = ::WinRM::WinRMWebService.new(
endpoint,
:ssl,
user: user,
pass: pass,
basic_auth_only: true,
no_ssl_peer_verification: conf['winrm_self_signed'],
)
si.winrm = winrm
end
end
class SpecinfraHelper
class File < LinuxFile
def initialize(path)
super(Specinfra::Runner, path)
end
def exists?
Specinfra::Runner.check_file_exists(@path)
end
def mode
Specinfra::Runner.get_file_mode(@path).stdout.to_i(8)
end
def owner
Specinfra::Runner.get_file_owner_user(@path).stdout.strip
end
def group
Specinfra::Runner.get_file_owner_group(@path).stdout.strip
end
def link_target
path = Shellwords.escape(@path)
Specinfra::Runner.run_command("readlink #{path}").stdout.strip
end
def content
Specinfra::Runner.get_file_content(@path).stdout
end
def mtime
Specinfra::Runner.get_file_mtime(@path).stdout.strip
end
def size
Specinfra::Runner.get_file_size(@path).stdout.strip.to_i
end
def selinux_label
Specinfra::Runner.get_file_selinuxlabel(@path).stdout.strip
end
def mounted?(opts = {}, only_with = nil)
Specinfra::Runner.check_file_is_mounted(@path, opts, only_with)
end
def immutable?
Specinfra::Runner.get_file_immutable(@path)
end
def product_version
Specinfra::Runner.run_command("(Get-Command '#{@path}').FileVersionInfo.ProductVersion").stdout.strip
end
def file_version
Specinfra::Runner.run_command("(Get-Command '#{@path}').FileVersionInfo.FileVersion").stdout.strip
end
end
end
end