Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 13:13:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/habitat/plan.sh

104 lines
3 KiB
Bash
Raw Normal View History

move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
pkg_name=inspec
pkg_origin=chef
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
pkg_version=$(cat "$PLAN_CONTEXT/../VERSION")
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
pkg_description="InSpec is an open-source testing framework for infrastructure
with a human- and machine-readable language for specifying compliance,
security and policy requirements."
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
pkg_upstream_url=https://www.inspec.io/
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
pkg_maintainer="The Habitat Maintainers <humans@habitat.sh>"
pkg_license=('Apache-2.0')
pkg_deps=(
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/busybox-static
core/cacerts
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
core/coreutils
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
core/libxml2
core/libxslt
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
core/net-tools
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/ruby
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
)
pkg_build_deps=(
core/bundler
core/gcc
core/make
core/readline
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
core/sed
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
)
pkg_bin_dirs=(bin)
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
do_prepare() {
export BUNDLE_SILENCE_ROOT_WARNING GEM_HOME GEM_PATH
BUNDLE_SILENCE_ROOT_WARNING=1
build_line "Setting BUNDLE_SILENCE_ROOT_WARNING=$BUNDLE_SILENCE_ROOT_WARNING"
GEM_HOME="$pkg_prefix/vendor/bundle"
build_line "Setting GEM_HOME=$GEM_HOME"
GEM_PATH="$(pkg_path_for bundler):$GEM_HOME"
build_line "Setting GEM_PATH=$GEM_PATH"
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
do_build() {
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# If we use the Gemfile in the project ($SRC_PATH/Gemfile), and run `bundle
# install` (which we do in `do_build` below), Bundler will write out a
# .bundle/config into the $SRC_PATH. If this happens, if you try to use
# InSpec outside of the build process it will fail, since the settings used
# in this plan will be saved in the .bundle/config.
#
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
# Instead, we first use Bundler to build up a local cache of gem dependencies.
# Then when we build, we'll build the InSpec gem and write out a new Gemfile
# to use that instead.
#
# Building up the local cache of dependencies is necessary because Bundler won't
# try and walk the sources if it finds the initial gem in the local cache.
build_line "Caching InSpec's gem dependencies..."
mkdir -p $CACHE_PATH/vendor/cache
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
cat > "$CACHE_PATH/Gemfile" <<GEMFILE
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
source 'https://rubygems.org'
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
gem '$pkg_name', path: "${PLAN_CONTEXT}/.."
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
GEMFILE
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
bundle install \
--binstubs "$pkg_prefix/bin" \
--gemfile "$CACHE_PATH/Gemfile" \
--jobs "$(nproc)" \
--path "$pkg_prefix/bundle" \
--retry 5 \
--standalone
build_line "Building the InSpec gem..."
gem build inspec.gemspec
build_line "Moving the InSpec gem into the cache path..."
mv inspec-${pkg_version}.gem ${CACHE_PATH}/vendor/cache
build_line "Re-bundling with the new InSpec gem..."
cat > "$CACHE_PATH/Gemfile" <<GEMFILE
gem '$pkg_name', '= ${pkg_version}'
GEMFILE
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
bundle install \
--binstubs "$pkg_prefix/bin" \
--gemfile "$CACHE_PATH/Gemfile" \
--jobs "$(nproc)" \
--path "$pkg_prefix/bundle" \
--retry 5 \
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
--local \
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
--standalone
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# Delete everything that's not inspec in bin
find "$pkg_prefix/bin" -type f -not -name 'inspec' -delete
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
fix_interpreter "$pkg_prefix/bin/inspec" core/coreutils bin/env
Fix Habitat plan for nokogiri support Nokogiri is failing to build in the habitat artifact due to the lack of libxml2 and libxslt. This brings them in as dependencies and also properly configures bundler to use them. Signed-off-by: Adam Leff <adam@leff.co>
2017-03-21 21:51:59 +00:00
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
# Insert the SSL cert path into the inspec executable
sed -i "2iENV['SSL_CERT_FILE'] = '$(pkg_path_for cacerts)/ssl/cert.pem'" \
"$pkg_prefix/bin/inspec"
}
do_install() {
Habitat build works for all versions, eliminates rake (#2301) The Habitat plan has been modified to support building from the repo rather than relying on a gem being pushed to RubyGems. This allows us to build current packages at every merge rather than only pushing to Habitat Builder when we promote to stable. This change also enables Expeditor to perform builds for us and removes the dependency on the rake task as it is no longer needed. Signed-off-by: Adam Leff <adam@leff.co>
2017-11-14 04:01:51 +00:00
install -m 0644 ${CACHE_PATH}/Gemfile.lock "$pkg_prefix/Gemfile.lock"
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Improvements to Habitat plan These are kind of all over the place, but should improve things: * Use the new `pkg_version` mechanism to set the version, and fail if the VERSION file is not present * Use inspec.io for the upstream url * Remove pkg_source and it's associated callbacks; they aren't required any more * Alphabetize the deps list * Remove duplicate coreutils from build deps * Move environment variable setting to `do_prepare` * Delete all binstubs in bin that aren't inspec * Put the generated Gemfile in $CACHE_PATH so it doesn't stomp on the developer's Gemfile * Insert the SSL_CERT_FILE env var in the binstub (Fixes #1582) * Use install instead of cp to drop off Gemfile.lock * Build using `path: '$SRC_PATH'` instead of `'= $pkg_version'` in the Gemfile * Disable `do_strip` to decrease build time and because we don't need it Works for me on Habitat 0.23. Since all the "building" is done now in `do_install`, it would be possible to define a `do_check` that runs `inspec exec` on profiles to verify inspec is working by running inspec. Signed-off-by: Nathan L Smith <smith@chef.io>
2017-05-17 05:19:14 +00:00
do_strip() {
return 0
move Inspec Habitat package to chef/inspec. NOTE: The existing `core/inspec` package (version 0.27.0) cannot be removed from the public Habitat depot.
2016-10-11 21:07:44 +00:00
}
Reference in a new issue Copy permalink