Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-10 23:24:18 +00:00
Code Issues Projects Releases Packages Wiki Activity

Support profile versions for automate profiles storage (#2128)

Browse source 
* Support profile versions for automate profiles storage

Signed-off-by: Alex Pop <apop@chef.io>

* Add unit tests for inspec-compliance bundle

Signed-off-by: Alex Pop <apop@chef.io>

* Refactor target_url method, fix tests, fix rubocop errors

Signed-off-by: Adam Leff <adam@leff.co>
This commit is contained in:
Alex Pop 2017-09-13 21:53:36 +01:00 committed by Adam Leff
parent 18d9b74301
commit 35becd7e0f
3 changed files with 115 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/bundles/inspec-compliance/README.md
View file

@ -148,6 +148,17 @@ Finished in 0.02862 seconds (files took 0.62628 seconds to load)
5 examples, 0 failures, 1 pending
```
Exec a specific version(2.0.1) of a profile when logged in with Automate:
```
$ inspec exec compliance://admin/apache-baseline#2.0.1
```
Download a specific version(2.0.2) of a profile when logged in with Automate:
```
$ inspec compliance download compliance://admin/apache-baseline#2.0.2
```
### To Logout from Chef Compliance
```

27
lib/bundles/inspec-compliance/api.rb
View file

@ -83,9 +83,13 @@ module Compliance
# verifies that a profile
def self.exist?(config, profile)
_msg, profiles = Compliance::API.profiles(config)
owner, id, ver = profile_split(profile)
if !profiles.empty?
index = profiles.index { |p| "#{p['owner_id']}/#{p['name']}" == profile }
!index.nil? && index >= 0
profiles.any? do |p|
p['owner_id'] == owner &&
p['name'] == id &&
(ver.nil? || p['version'] == ver)
end
else
false
end
@ -179,14 +183,21 @@ module Compliance
end
def self.target_url(config, profile)
if is_automate_server?(config)
owner, id = profile.split('/')
target = "#{config['server']}/profiles/#{owner}/#{id}/tar"
owner, id, ver = profile_split(profile)
return "#{config['server']}/owners/#{owner}/compliance/#{id}/tar" unless is_automate_server?(config)
if ver.nil?
"#{config['server']}/profiles/#{owner}/#{id}/tar"
else
owner, id = profile.split('/')
target = "#{config['server']}/owners/#{owner}/compliance/#{id}/tar"
"#{config['server']}/profiles/#{owner}/#{id}/version/#{ver}/tar"
end
target
end
def self.profile_split(profile)
owner, id = profile.split('/')
id, version = id.split('#')
[owner, id, version]
end
# returns a parsed url for `admin/profile` or `compliance://admin/profile`

85
test/unit/bundles/inspec-compliance/api_test.rb
View file

@ -1,6 +1,44 @@
require 'helper'
describe Compliance::API do
let(:profiles_response) do
[{"name"=>"apache-baseline",
"title"=>"DevSec Apache Baseline",
"maintainer"=>"DevSec Hardening Framework Team",
"copyright"=>"DevSec Hardening Framework Team",
"copyright_email"=>"hello@dev-sec.io",
"license"=>"Apache 2 license",
"summary"=>"Test-suite for best-practice apache hardening",
"version"=>"2.0.2",
"supports"=>[{"os-family"=>"unix"}],
"depends"=>nil,
"owner_id"=>"admin"},
{"name"=>"apache-baseline",
"title"=>"DevSec Apache Baseline",
"maintainer"=>"Hardening Framework Team",
"copyright"=>"Hardening Framework Team",
"copyright_email"=>"hello@dev-sec.io",
"license"=>"Apache 2 license",
"summary"=>"Test-suite for best-practice apache hardening",
"version"=>"2.0.1",
"supports"=>[{"os-family"=>"unix"}],
"depends"=>nil,
"latest_version"=>"2.0.2",
"owner_id"=>"admin"},
{"name"=>"cis-aix-5.3-6.1-level1",
"title"=>"CIS AIX 5.3 and AIX 6.1 Benchmark Level 1",
"maintainer"=>"Chef Software, Inc.",
"copyright"=>"Chef Software, Inc.",
"copyright_email"=>"support@chef.io",
"license"=>"Proprietary, All rights reserved",
"summary"=>"CIS AIX 5.3 and AIX 6.1 Benchmark Level 1 translated from SCAP",
"version"=>"1.1.0",
"supports"=>nil,
"depends"=>nil,
"latest_version"=>"1.1.0-3",
"owner_id"=>"admin"}]
end
describe '.version' do
let(:headers) { 'test-headers' }
let(:config) do
@ -160,4 +198,51 @@ describe Compliance::API do
Compliance::API.server_version_from_config(config).must_equal '1.2.3'
end
end
describe 'profile_split' do
it 'handles a profile without version' do
Compliance::API.profile_split('admin/apache-baseline').must_equal ['admin', 'apache-baseline', nil]
end
it 'handles a profile with a version' do
Compliance::API.profile_split('admin/apache-baseline#2.0.1').must_equal ['admin', 'apache-baseline', '2.0.1']
end
end
describe 'target_url' do
it 'handles a automate profile with and without version' do
config = Compliance::Configuration.new
config.clean
config['server_type'] = 'automate'
config['server'] = 'https://myautomate'
config['version'] = '1.6.99'
Compliance::API.target_url(config, 'admin/apache-baseline').must_equal 'https://myautomate/profiles/admin/apache-baseline/tar'
Compliance::API.target_url(config, 'admin/apache-baseline#2.0.2').must_equal 'https://myautomate/profiles/admin/apache-baseline/version/2.0.2/tar'
end
it 'handles a chef-compliance profile with and without version' do
config = Compliance::Configuration.new
config.clean
config['server_type'] = 'compliance'
config['server'] = 'https://mychefcompliance'
config['version'] = '1.1.2'
Compliance::API.target_url(config, 'admin/apache-baseline').must_equal 'https://mychefcompliance/owners/admin/compliance/apache-baseline/tar'
Compliance::API.target_url(config, 'admin/apache-baseline#2.0.2').must_equal 'https://mychefcompliance/owners/admin/compliance/apache-baseline/tar'
end
end
describe 'exist?' do
it 'works with profiles returned by Automate' do
config = Compliance::Configuration.new
config.clean
config['server_type'] = 'automate'
config['server'] = 'https://myautomate'
config['version'] = '1.6.99'
Compliance::API.stubs(:profiles).returns([nil, profiles_response])
Compliance::API.exist?(config, 'admin/apache-baseline').must_equal true
Compliance::API.exist?(config, 'admin/apache-baseline#2.0.1').must_equal true
Compliance::API.exist?(config, 'admin/apache-baseline#2.0.999').must_equal false
Compliance::API.exist?(config, 'admin/missing-in-action').must_equal false
end
end
end