Merge pull request #5425 from option-to-skip-empty-profile-report

Fixes #5373 : Add option to filter empty profiles from report

docs-chef-io/content/inspec/cli.md

@@ -146,7 +146,7 @@ This subcommand has additional options:
     Specify which transport to use, defaults to negotiate (WinRM).
 * ``--winrm-shell-type=WINRM_SHELL_TYPE``
     Specify which shell type to use (powershell,elevated or cmd), defaults to powershell (WinRM).
-    
+
 ## env
 
 Output shell-appropriate completion configuration
@@ -332,6 +332,8 @@ This subcommand has additional options:
     Whether to use disable sspi authentication, defaults to false (WinRM).
 * ``--winrm-transport=WINRM_TRANSPORT``
     Specify which transport to use, defaults to negotiate (WinRM).
+* ``--filter-empty-profiles``, ``--no-filter-empty-profiles``
+    Filter empty profiles (profiles without controls) from the report.
 
 ## help
 

lib/inspec/base_cli.rb

@@ -164,6 +164,8 @@ module Inspec
         desc: "Use --no-diff to suppress 'diff' output of failed textual test results."
       option :sort_results_by, type: :string, default: "file", banner: "--sort-results-by=none|control|file|random",
         desc: "After normal execution order, results are sorted by control ID, or by file (default), or randomly. None uses legacy unsorted mode."
+      option :filter_empty_profiles, type: :boolean, default: false,
+        desc: "Filter empty profiles (profiles without controls) from the report."
     end
 
     def self.help(*args)

lib/inspec/utils/run_data_filters.rb

@@ -13,6 +13,7 @@ module Inspec
       def apply_run_data_filters_to_hash
         @config[:runtime_config] = Inspec::Config.cached || {}
         apply_report_resize_options
+        filter_empty_profiles
         redact_sensitive_inputs
         suppress_diff_output
         sort_controls
@@ -36,6 +37,14 @@ module Inspec
         end
       end
 
+      # Filters profiles from report which don't have controls in it.
+      def filter_empty_profiles
+        runtime_config = @config[:runtime_config]
+        if runtime_config[:filter_empty_profiles] && @run_data[:profiles].count > 1
+          @run_data[:profiles].delete_if { |p| p[:controls].empty? }
+        end
+      end
+
       # Find any inputs with :sensitive = true and replace their values with "***"
       def redact_sensitive_inputs
         @run_data[:profiles]&.each do |p|

test/fixtures/profiles/dependencies/resource-pack/inspec.yml

@@ -0,0 +1,10 @@
+name: resource-pack
+title: InSpec Profile
+maintainer: The Authors
+copyright: The Authors
+copyright_email: you@example.com
+license: Apache-2.0
+summary: An InSpec Compliance Profile
+version: 0.1.0
+supports:
+  platform: os

test/fixtures/profiles/dependencies/resource-pack/libraries/example_config.rb

@@ -0,0 +1,15 @@
+class ExampleConfig < Inspec.resource(1)
+  name 'example_config'
+
+  desc "Example's resource description ..."
+
+  example "
+    describe example_config do
+      its('version') { should eq('1.0') }
+    end
+  "
+
+  def version
+    "1.0"
+  end
+end

test/fixtures/profiles/dependencies/uses-resource-pack/controls/example.rb

@@ -0,0 +1,18 @@
+# copyright: 2018, The Authors
+
+title "sample section"
+
+# you can also use plain tests
+describe file("/tmp") do
+  it { should be_directory }
+end
+
+# you add controls here
+control "tmp-1.0" do                        # A unique ID for this control
+  impact 0.7                                # The criticality, if this control fails.
+  title "Create /tmp directory"             # A human-readable title
+  desc "An optional description..."
+  describe file("/tmp") do                  # The actual test
+    it { should be_directory }
+  end
+end

test/fixtures/profiles/dependencies/uses-resource-pack/inspec.yml

@@ -0,0 +1,13 @@
+name: uses-resource-pack
+title: InSpec Profile
+maintainer: The Authors
+copyright: The Authors
+copyright_email: you@example.com
+license: Apache-2.0
+summary: An InSpec Compliance Profile
+version: 0.1.0
+supports:
+  platform: os
+depends:
+  - name: resource-pack
+    path: ../resource-pack

test/functional/inspec_exec_json_test.rb

@@ -421,6 +421,28 @@ describe "inspec exec with json formatter" do
     end
   end
 
+  describe "JSON reporter" do
+    describe "with --no-filter-empty-profiles option" do
+      let(:run_result) { run_inspec_process("exec #{profile_path}/dependencies/uses-resource-pack --no-filter-empty-profiles", json: true) }
+      let(:profiles) { @json["profiles"] }
+
+      it "does not filter the empty profiles(profiles without controls)" do
+        _(run_result.stderr).must_be_empty
+        _(profiles.count).must_equal 2
+      end
+    end
+
+    describe "with --filter-empty-profiles option" do
+      let(:run_result) { run_inspec_process("exec #{profile_path}/dependencies/uses-resource-pack --filter-empty-profiles", json: true) }
+      let(:profiles) { @json["profiles"] }
+
+      it "does filter the empty profiles (profiles without controls)" do
+        _(run_result.stderr).must_be_empty
+        _(profiles.count).must_equal 1
+      end
+    end
+  end
+
   describe "JSON reporter using the --sort-results-by option" do
     let(:run_result) { run_inspec_process("exec #{profile_path}/sorted-results/sort-me-1 --sort-results-by #{sort_option}", json: true) }
     let(:control_order) { @json["profiles"][0]["controls"].map { |c| c["id"] }.join("") }