2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2025-02-22 08:58:44 +00:00

Merge pull request from inspec/nm/fetcher-default-branch-fix

Fix url fetcher when default git profile branch is not master
This commit is contained in:
Clinton Wolfe 2021-08-31 23:27:56 -04:00 committed by GitHub
commit 681e2eacfa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 62 additions and 5 deletions
lib/inspec/fetcher
test/unit/fetchers

View file

@ -44,11 +44,17 @@ module Inspec::Fetcher
# - Branch URL
# - Commit URL
#
# master url:
# master url(default branch master):
# https://github.com/nathenharvey/tmp_compliance_profile/ is transformed to
# https://github.com/nathenharvey/tmp_compliance_profile/archive/master.tar.gz
# https://bitbucket.org/username/repo is transformed to
# https://bitbucket.org/username/repo/get/master.tar.gz
# main url(default branch main):
# https://github.com/nathenharvey/tmp_compliance_profile/ is transformed to
# https://github.com/nathenharvey/tmp_compliance_profile/archive/main.tar.gz
# https://bitbucket.org/username/repo is transformed to
# https://bitbucket.org/username/repo/get/main.tar.gz
#
# branch:
# https://github.com/hardening-io/tests-os-hardening/tree/2.0 is transformed to
@ -68,14 +74,18 @@ module Inspec::Fetcher
BITBUCKET_URL_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)(\.git)?(/)?$}.freeze
BITBUCKET_URL_BRANCH_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/branch/(?<branch>[\w\.]+)(/)?$}.freeze
BITBUCKET_URL_COMMIT_REGEX = %r{^https?://(www\.)?bitbucket\.org/(?<user>[\w-]+)/(?<repo>[\w-]+)/commits/(?<commit>[\w\.]+)(/)?$}.freeze
GITHUB_URL = "https://github.com".freeze
BITBUCKET_URL = "https://bitbucket.org".freeze
def self.transform(target)
transformed_target = if m = GITHUB_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/master.tar.gz"
default_branch = default_ref(m, GITHUB_URL)
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/#{default_branch}.tar.gz"
elsif m = GITHUB_URL_WITH_TREE_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
"https://github.com/#{m[:user]}/#{m[:repo]}/archive/#{m[:commit]}.tar.gz"
elsif m = BITBUCKET_URL_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/master.tar.gz"
default_branch = default_ref(m, BITBUCKET_URL)
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{default_branch}.tar.gz"
elsif m = BITBUCKET_URL_BRANCH_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
"https://bitbucket.org/#{m[:user]}/#{m[:repo]}/get/#{m[:branch]}.tar.gz"
elsif m = BITBUCKET_URL_COMMIT_REGEX.match(target) # rubocop:disable Lint/AssignmentInCondition
@ -120,6 +130,38 @@ module Inspec::Fetcher
private
class << self
def default_ref(match_data, repo_url)
remote_url = "#{repo_url}/#{match_data[:user]}/#{match_data[:repo]}.git"
command_string = "git remote show #{remote_url}"
cmd = shellout(command_string)
unless cmd.exitstatus == 0
raise(Inspec::FetcherFailure, "Profile git dependency failed with default reference - #{remote_url} - error running '#{command_string}': #{cmd.stderr}")
else
ref = cmd.stdout.lines.detect { |l| l.include? "HEAD branch:" }&.split(":")&.last&.strip
unless ref
raise(Inspec::FetcherFailure, "Profile git dependency failed with default reference - #{remote_url} - error running '#{command_string}': NULL reference")
end
ref
end
end
def shellout(cmd, opts = {})
Inspec::Log.debug("Running external command: #{cmd} (#{opts})")
cmd = Mixlib::ShellOut.new(cmd, opts)
cmd.run_command
Inspec::Log.debug("External command: completed with exit status: #{cmd.exitstatus}")
Inspec::Log.debug("External command: STDOUT BEGIN")
Inspec::Log.debug(cmd.stdout)
Inspec::Log.debug("External command: STDOUT END")
Inspec::Log.debug("External command: STDERR BEGIN")
Inspec::Log.debug(cmd.stderr)
Inspec::Log.debug("External command: STDERR END")
cmd
end
end
def parse_uri(target)
return URI.parse(target) if target.is_a?(String)

View file

@ -18,6 +18,20 @@ describe Inspec::Fetcher::Url do
m
end
let(:git_remote_head_main) do
out = mock
out.stubs(:stdout).returns("HEAD branch: main\n")
out.stubs(:exitstatus).returns(0)
out.stubs(:stderr).returns("")
out.stubs(:error!).returns(false)
out.stubs(:run_command).returns(true)
out
end
def expect_git_remote_head_main(remote_url)
Mixlib::ShellOut.expects(:new).returns(git_remote_head_main)
end
def expect_url_transform
@mock_logger = Minitest::Mock.new
@mock_logger.expect(:warn, nil, [/URL target.*transformed/])
@ -72,7 +86,7 @@ describe Inspec::Fetcher::Url do
res = Inspec::Fetcher::Url.resolve(github)
res.expects(:open).returns(mock_open)
_(res).wont_be_nil
_(res.resolved_source).must_equal({ url: "https://github.com/chef/inspec/archive/master.tar.gz", sha256: expected_shasum })
_(res.resolved_source).must_equal({ url: "https://github.com/chef/inspec/archive/main.tar.gz", sha256: expected_shasum })
end
end
end
@ -116,10 +130,11 @@ describe Inspec::Fetcher::Url do
http://www.bitbucket.org/chef/inspec.git}.each do |bitbucket|
it "resolves a bitbucket url #{bitbucket}" do
expect_url_transform do
expect_git_remote_head_main(bitbucket)
res = Inspec::Fetcher::Url.resolve(bitbucket)
res.expects(:open).returns(mock_open)
_(res).wont_be_nil
_(res.resolved_source).must_equal({ url: "https://bitbucket.org/chef/inspec/get/master.tar.gz", sha256: expected_shasum })
_(res.resolved_source).must_equal({ url: "https://bitbucket.org/chef/inspec/get/main.tar.gz", sha256: expected_shasum })
end
end
end