2019-06-11 22:24:35 +00:00
|
|
|
require "minitest/autorun"
|
|
|
|
require "mocha/setup"
|
|
|
|
require_relative "../../lib/inspec-compliance/api.rb"
|
2017-05-26 19:30:37 +00:00
|
|
|
|
2018-10-04 18:31:39 +00:00
|
|
|
describe InspecPlugins::Compliance::Fetcher do
|
2019-06-11 22:24:35 +00:00
|
|
|
let(:config) { { "server" => "myserver" } }
|
2017-05-26 19:30:37 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "the check_compliance_token method" do
|
|
|
|
let(:fetcher) { fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config) }
|
2018-09-13 17:06:02 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns without error if token is set" do
|
|
|
|
config["token"] = "my-token"
|
|
|
|
fetcher.class.check_compliance_token("http://test.com", config)
|
2018-09-13 17:06:02 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns an error when token is not set" do
|
|
|
|
ex = assert_raises(Inspec::FetcherFailure) { fetcher.class.check_compliance_token("http://test.com", config) }
|
2018-09-13 17:06:02 +00:00
|
|
|
ex.message.must_include "Cannot fetch http://test.com because your compliance token has not been\nconfigured."
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server is an automate2 server" do
|
2018-10-04 18:31:39 +00:00
|
|
|
before { InspecPlugins::Compliance::API.expects(:is_automate2_server?).with(config).returns(true) }
|
2018-05-04 16:25:40 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct owner and profile name" do
|
|
|
|
config["profile"] = ["admin", "ssh-baseline", nil]
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profile", config)
|
|
|
|
fetcher.send(:compliance_profile_name).must_equal "admin/ssh-baseline"
|
2018-05-04 16:25:40 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server is an automate server pre-0.8.0" do
|
2018-10-04 18:31:39 +00:00
|
|
|
before { InspecPlugins::Compliance::API.expects(:is_automate_server_pre_080?).with(config).returns(true) }
|
2017-05-26 19:30:37 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct profile name when the url is correct" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/myowner/myprofile/tar", config)
|
|
|
|
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "raises an exception if the url is malformed" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
2017-05-26 19:30:37 +00:00
|
|
|
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server is an automate server 0.8.0-or-later" do
|
2017-05-26 19:30:37 +00:00
|
|
|
before do
|
2018-10-04 18:31:39 +00:00
|
|
|
InspecPlugins::Compliance::API.expects(:is_automate_server_pre_080?).with(config).returns(false)
|
|
|
|
InspecPlugins::Compliance::API.expects(:is_automate_server_080_and_later?).with(config).returns(true)
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct profile name when the url is correct" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profiles/myowner/myprofile/tar", config)
|
|
|
|
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "raises an exception if the url is malformed" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
2017-05-26 19:30:37 +00:00
|
|
|
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server is not an automate server (likely a compliance server)" do
|
2017-05-26 19:30:37 +00:00
|
|
|
before do
|
2018-10-04 18:31:39 +00:00
|
|
|
InspecPlugins::Compliance::API.expects(:is_automate_server_pre_080?).with(config).returns(false)
|
|
|
|
InspecPlugins::Compliance::API.expects(:is_automate_server_080_and_later?).with(config).returns(false)
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct profile name when the url is correct" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/owners/myowner/compliance/myprofile/tar", config)
|
|
|
|
fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "raises an exception if the url is malformed" do
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
|
2017-05-26 19:30:37 +00:00
|
|
|
proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
|
|
|
|
end
|
|
|
|
end
|
2018-05-03 18:07:53 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server calls an automate profile" do
|
2018-08-28 13:11:38 +00:00
|
|
|
let(:profiles_result) do
|
2019-06-11 22:24:35 +00:00
|
|
|
[{ "name" => "ssh-baseline",
|
|
|
|
"title" => "InSpec Profile",
|
|
|
|
"maintainer" => "The Authors",
|
|
|
|
"copyright" => "The Authors",
|
|
|
|
"copyright_email" => "you@example.com",
|
|
|
|
"license" => "Apache-2.0",
|
|
|
|
"summary" => "An InSpec Compliance Profile",
|
|
|
|
"version" => "0.1.1",
|
|
|
|
"owner" => "admin",
|
|
|
|
"supports" => [],
|
|
|
|
"depends" => [],
|
|
|
|
"sha256" => "132j1kjdasfasdoaefaewo12312",
|
|
|
|
"groups" => [],
|
|
|
|
"controls" => [],
|
|
|
|
"attributes" => [],
|
|
|
|
"latest_version" => "" }]
|
2018-08-28 13:11:38 +00:00
|
|
|
end
|
2018-05-03 18:07:53 +00:00
|
|
|
before do
|
2019-06-11 22:24:35 +00:00
|
|
|
InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })
|
2018-05-03 18:07:53 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct profile name when parsing url" do
|
|
|
|
InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
|
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve("compliance://admin/ssh-baseline")
|
|
|
|
assert = ["admin", "ssh-baseline", nil]
|
|
|
|
fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
|
2018-05-03 18:07:53 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "returns the correct profile name when parsing compliance hash" do
|
|
|
|
InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
|
2018-05-03 18:07:53 +00:00
|
|
|
hash = {
|
2019-06-11 22:24:35 +00:00
|
|
|
target: "https://a2.instance.com/api/v0/compliance/tar",
|
|
|
|
compliance: "admin/ssh-baseline",
|
|
|
|
sha256: "132j1kjdasfasdoaefaewo12312",
|
2018-05-03 18:07:53 +00:00
|
|
|
}
|
2018-10-04 18:31:39 +00:00
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve(hash)
|
2019-06-11 22:24:35 +00:00
|
|
|
assert = ["admin", "ssh-baseline", nil]
|
|
|
|
fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
|
2018-05-03 18:07:53 +00:00
|
|
|
end
|
|
|
|
end
|
2018-08-28 13:11:38 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "when the server provides a sha256 in the profiles_result" do
|
2018-08-28 13:11:38 +00:00
|
|
|
let(:profiles_result) do
|
2019-06-11 22:24:35 +00:00
|
|
|
[{ "name" => "ssh-baseline",
|
|
|
|
"title" => "InSpec Profile",
|
|
|
|
"maintainer" => "The Authors",
|
|
|
|
"copyright" => "The Authors",
|
|
|
|
"copyright_email" => "you@example.com",
|
|
|
|
"license" => "Apache-2.0",
|
|
|
|
"summary" => "An InSpec Compliance Profile",
|
|
|
|
"version" => "0.1.1",
|
|
|
|
"owner" => "admin",
|
|
|
|
"supports" => [],
|
|
|
|
"depends" => [],
|
|
|
|
"sha256" => "132j1kjdasfasdoaefaewo12312",
|
|
|
|
"groups" => [],
|
|
|
|
"controls" => [],
|
|
|
|
"attributes" => [],
|
|
|
|
"latest_version" => "" }]
|
2018-08-28 13:11:38 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
before do
|
2019-06-11 22:24:35 +00:00
|
|
|
InspecPlugins::Compliance::Configuration.expects(:new).returns({ "token" => "123abc", "server" => "https://a2.instance.com" })
|
2018-08-28 13:11:38 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "contains the upstream_sha256" do
|
|
|
|
InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
|
2018-08-28 13:11:38 +00:00
|
|
|
prof = profiles_result[0]
|
|
|
|
target = "compliance://#{prof['owner']}/#{prof['name']}"
|
2018-10-04 18:31:39 +00:00
|
|
|
fetcher = InspecPlugins::Compliance::Fetcher.resolve(target)
|
2019-06-11 22:24:35 +00:00
|
|
|
fetcher.upstream_sha256.must_equal prof["sha256"]
|
2018-08-28 13:11:38 +00:00
|
|
|
end
|
|
|
|
end
|
2017-05-26 19:30:37 +00:00
|
|
|
end
|