2016-02-05 07:38:45 +00:00
|
|
|
# encoding: utf-8
|
|
|
|
|
# author: Christoph Hartmann
|
|
|
|
|
# author: Dominik Richter
|
|
|
|
|
|
|
|
|
|
require 'uri'
|
2016-02-22 01:13:42 +00:00
|
|
|
require 'inspec/fetcher'
|
|
|
|
|
require 'fetchers/url'
|
2016-02-05 07:38:45 +00:00
|
|
|
|
|
|
|
|
# InSpec Target Helper for Chef Compliance
|
|
|
|
|
# reuses UrlHelper, but it knows the target server and the access token already
|
|
|
|
|
# similar to `inspec exec http://localhost:2134/owners/%base%/compliance/%ssh%/tar --user %token%`
|
|
|
|
|
module Compliance
|
2016-02-22 01:13:42 +00:00
|
|
|
class Fetcher < Fetchers::Url
|
|
|
|
|
name 'compliance'
|
|
|
|
|
priority 500
|
|
|
|
|
|
2016-04-26 21:07:57 +00:00
|
|
|
def self.resolve(target, _opts = {})
|
2016-02-05 07:38:45 +00:00
|
|
|
# check for local scheme compliance://
|
|
|
|
|
uri = URI(target)
|
2016-02-22 01:13:42 +00:00
|
|
|
return nil unless URI(uri).scheme == 'compliance'
|
2016-02-05 07:38:45 +00:00
|
|
|
|
|
|
|
|
# check if we have a compliance token
|
|
|
|
|
config = Compliance::Configuration.new
|
2016-02-22 01:13:42 +00:00
|
|
|
return nil if config['token'].nil?
|
2016-02-05 07:38:45 +00:00
|
|
|
|
|
|
|
|
# verifies that the target e.g base/ssh exists
|
2016-02-22 01:13:42 +00:00
|
|
|
profile = uri.host + uri.path
|
2016-04-26 21:07:57 +00:00
|
|
|
Compliance::API.exist?(config, profile)
|
|
|
|
|
super(target_url(config, profile), config)
|
2016-02-22 01:13:42 +00:00
|
|
|
rescue URI::Error => _e
|
|
|
|
|
nil
|
2016-02-05 07:38:45 +00:00
|
|
|
end
|
|
|
|
|
|
2016-02-22 01:13:42 +00:00
|
|
|
def self.target_url(config, profile)
|
|
|
|
|
owner, id = profile.split('/')
|
|
|
|
|
"#{config['server']}/owners/#{owner}/compliance/#{id}/tar"
|
2016-02-05 07:38:45 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def to_s
|
|
|
|
|
'Chef Compliance Profile Loader'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
