mirror of
https://github.com/inspec/inspec
synced 2025-02-22 08:58:44 +00:00
Merge pull request #5638 from inspec/nm/fetcher-default-branch-fix
Fix url fetcher when default git profile branch is not master
This commit is contained in:
commit
681e2eacfa
2 changed files with 62 additions and 5 deletions
|
@ -44,11 +44,17 @@ module Inspec::Fetcher
|
|||
# - Branch URL
|
||||
# - Commit URL
|
||||
#
|
||||
# master url:
|
||||
# master url(default branch master):
|
||||
# https://github.com/nathenharvey/tmp_compliance_profile/ is transformed to
|
||||
# https://github.com/nathenharvey/tmp_compliance_profile/archive/master.tar.gz
|
||||
# https://bitbucket.org/username/repo is transformed to
|
||||
# https://bitbucket.org/username/repo/get/master.tar.gz
|
||||
|
||||
# main url(default branch main):
|
||||
# https://github.com/nathenharvey/tmp_compliance_profile/ is transformed to
|
||||
# https://github.com/nathenharvey/tmp_compliance_profile/archive/main.tar.gz
|
||||
# https://bitbucket.org/username/repo is transformed to
|
||||
# https://bitbucket.org/username/repo/get/main.tar.gz
|
||||
#
|
||||
# branch:
|
||||
# https://github.com/hardening-io/tests-os-hardening/tree/2.0 is transformed to
|
||||
|
@ -68,14 +74,18 @@ module Inspec::Fetcher
|
|||
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}.freeze
|
||||
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}.freeze
|
||||
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}.freeze
|
||||
GITHUB_URL = "https://github.com".freeze
|
||||
BITBUCKET_URL = "https://bitbucket.org".freeze
|
||||
|
||||
def self.transform(target)
|
||||
transformed_target = if m = GITHUB_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/master.tar.gz"
|
||||
default_branch = default_ref(m, GITHUB_URL)
|
||||
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/#{default_branch}.tar.gz"
|
||||
elsif m = GITHUB_URL_WITH_TREE_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/#{m[:commit]}.tar.gz"
|
||||
elsif m = BITBUCKET_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/master.tar.gz"
|
||||
default_branch = default_ref(m, BITBUCKET_URL)
|
||||
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{default_branch}.tar.gz"
|
||||
elsif m = BITBUCKET_URL_BRANCH_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{m[:branch]}.tar.gz"
|
||||
elsif m = BITBUCKET_URL_COMMIT_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
|
||||
|
@ -120,6 +130,38 @@ module Inspec::Fetcher
|
|||
|
||||
private
|
||||
|
||||
class << self
|
||||
def default_ref(match_data, repo_url)
|
||||
remote_url = "#{repo_url}/#{match_data[:user]}/#{match_data[:repo]}.git"
|
||||
command_string = "git remote show #{remote_url}"
|
||||
cmd = shellout(command_string)
|
||||
unless cmd.exitstatus == 0
|
||||
raise(Inspec::FetcherFailure, "Profile git dependency failed with default reference - #{remote_url} - error running '#{command_string}': #{cmd.stderr}")
|
||||
else
|
||||
ref = cmd.stdout.lines.detect { |l| l.include? "HEAD branch:" }&.split(":")&.last&.strip
|
||||
unless ref
|
||||
raise(Inspec::FetcherFailure, "Profile git dependency failed with default reference - #{remote_url} - error running '#{command_string}': NULL reference")
|
||||
end
|
||||
|
||||
ref
|
||||
end
|
||||
end
|
||||
|
||||
def shellout(cmd, opts = {})
|
||||
Inspec::Log.debug("Running external command: #{cmd} (#{opts})")
|
||||
cmd = Mixlib::ShellOut.new(cmd, opts)
|
||||
cmd.run_command
|
||||
Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
|
||||
Inspec::Log.debug("External command: STDOUT BEGIN")
|
||||
Inspec::Log.debug(cmd.stdout)
|
||||
Inspec::Log.debug("External command: STDOUT END")
|
||||
Inspec::Log.debug("External command: STDERR BEGIN")
|
||||
Inspec::Log.debug(cmd.stderr)
|
||||
Inspec::Log.debug("External command: STDERR END")
|
||||
cmd
|
||||
end
|
||||
end
|
||||
|
||||
def parse_uri(target)
|
||||
return URI.parse(target) if target.is_a?(String)
|
||||
|
||||
|
|
|
@ -18,6 +18,20 @@ describe Inspec::Fetcher::Url do
|
|||
m
|
||||
end
|
||||
|
||||
let(:git_remote_head_main) do
|
||||
out = mock
|
||||
out.stubs(:stdout).returns("HEAD branch: main\n")
|
||||
out.stubs(:exitstatus).returns(0)
|
||||
out.stubs(:stderr).returns("")
|
||||
out.stubs(:error!).returns(false)
|
||||
out.stubs(:run_command).returns(true)
|
||||
out
|
||||
end
|
||||
|
||||
def expect_git_remote_head_main(remote_url)
|
||||
Mixlib::ShellOut.expects(:new).returns(git_remote_head_main)
|
||||
end
|
||||
|
||||
def expect_url_transform
|
||||
@mock_logger = Minitest::Mock.new
|
||||
@mock_logger.expect(:warn, nil, [/URL target.*transformed/])
|
||||
|
@ -72,7 +86,7 @@ describe Inspec::Fetcher::Url do
|
|||
res = Inspec::Fetcher::Url.resolve(github)
|
||||
res.expects(:open).returns(mock_open)
|
||||
_(res).wont_be_nil
|
||||
_(res.resolved_source).must_equal({ url: "https://github.com/chef/inspec/archive/master.tar.gz", sha256: expected_shasum })
|
||||
_(res.resolved_source).must_equal({ url: "https://github.com/chef/inspec/archive/main.tar.gz", sha256: expected_shasum })
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -116,10 +130,11 @@ describe Inspec::Fetcher::Url do
|
|||
http://www.bitbucket.org/chef/inspec.git}.each do |bitbucket|
|
||||
it "resolves a bitbucket url #{bitbucket}" do
|
||||
expect_url_transform do
|
||||
expect_git_remote_head_main(bitbucket)
|
||||
res = Inspec::Fetcher::Url.resolve(bitbucket)
|
||||
res.expects(:open).returns(mock_open)
|
||||
_(res).wont_be_nil
|
||||
_(res.resolved_source).must_equal({ url: "https://bitbucket.org/chef/inspec/get/master.tar.gz", sha256: expected_shasum })
|
||||
_(res.resolved_source).must_equal({ url: "https://bitbucket.org/chef/inspec/get/main.tar.gz", sha256: expected_shasum })
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Add table
Reference in a new issue