mssql_session resource: add port parameter (#2429)

* adding SQL 2012 SP1 for mssql_session testing Signed-off-by: Vern Burton <me@vernburton.com> * updating SHA to match new commands with ports in them Signed-off-by: Vern Burton <me@vernburton.com> * adding port, and a default value and moving from skip_resource to resource_fail Signed-off-by: Vern Burton <me@vernburton.com> * adding new sha for custom host Signed-off-by: Vern Burton <me@vernburton.com> * adding tests for hostname and migrating test that passed port in host to a dedicated port test Signed-off-by: Vern Burton <me@vernburton.com> * adding integration test Signed-off-by: Vern Burton <me@vernburton.com> * removing services as appveyor does not have integration testing running so it would be a waste of time to enable it Signed-off-by: Vern Burton <me@vernburton.com> * mock instance command Signed-off-by: Vern Burton <me@vernburton.com> * making instance readable Signed-off-by: Vern Burton <me@vernburton.com> * adding instance test Signed-off-by: Vern Burton <me@vernburton.com> * moving to ResourceSkipped as ResourceFailed is targeted for a major release Signed-off-by: Vern Burton <me@vernburton.com>
2024-11-23 13:13:22 +00:00 · 2018-01-16 16:04:00 -06:00 · 2018-01-16 16:04:00 -06:00 · 712ba520ad
commit 712ba520ad
parent 65589f8f78
4 changed files with 46 additions and 12 deletions
--- a/lib/resources/mssql_session.rb
+++ b/lib/resources/mssql_session.rb
@ -25,13 +25,13 @@ module Inspec::Resources

      # Passing no credentials to mssql_session forces it to use Windows authentication
      sql_windows_auth = mssql_session
-      describe sql.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
+      describe sql_windows_auth.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
        its('value') { should_not be_empty }
        its('value') { should cmp == 1 }
      end
    "

-    attr_reader :user, :password, :host
+    attr_reader :user, :password, :host, :port, :instance
    def initialize(opts = {})
      @user = opts[:user]
      @password = opts[:password] || opts[:pass]
@ -39,12 +39,13 @@ module Inspec::Resources
        warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
      end
      @host = opts[:host] || 'localhost'
+      @port = opts[:port] || '1433'
      @instance = opts[:instance]

      # check if sqlcmd is available
-      return skip_resource('sqlcmd is missing') if !inspec.command('sqlcmd').exist?
+      raise Inspec::Exceptions::ResourceSkipped, 'sqlcmd is missing' unless inspec.command('sqlcmd').exist?
      # check that database is reachable
-      return skip_resource("Can't connect to the MS SQL Server.") if !test_connection
+      raise Inspec::Exceptions::ResourceSkipped, "Can't connect to the MS SQL Server." unless test_connection
    end

    def query(q)
@ -53,9 +54,9 @@ module Inspec::Resources
      cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
      cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
      if @instance.nil?
-        cmd_string += " -S '#{@host}'"
+        cmd_string += " -S '#{@host},#{@port}'"
      else
-        cmd_string += " -S '#{@host}\\#{@instance}'"
+        cmd_string += " -S '#{@host},#{@port}\\#{@instance}'"
      end
      cmd = inspec.command(cmd_string)
      out = cmd.stdout + "\n" + cmd.stderr
--- a/test/helper.rb
+++ b/test/helper.rb
@ -415,8 +415,10 @@ class MockLoader
      %q(psql --version | awk '{ print $NF }' | awk -F. '{ print $1"."$2 }') => cmd.call('psql-version'),
      # mssql tests
      "bash -c 'type \"sqlcmd\"'" => cmd.call('mssql-sqlcmd'),
-      "4b550bb227058ac5851aa0bc946be794ee46489610f17842700136cf8bb5a0e9" => cmd.call('mssql-getdate'),
-      "aeb859a4ae4288df230916075c0de28781a2b215f41d64ed1ea9c3fd633140fa" => cmd.call('mssql-result'),
+      "cb0efcd12206e9690c21ac631a72be9dd87678aa048e6dae16b8e9353ab6dd64" => cmd.call('mssql-getdate'),
+      "e8bece33e9d550af1fc81a5bc1c72b647b3810db3e567ee9f30feb81f4e3b700" => cmd.call('mssql-getdate'),
+      "53d201ff1cfb8867b79200177b8e2e99dedb700c5fbe15e43820011d7e8b941f" => cmd.call('mssql-getdate'),
+      "7d1a7a0f2bd1e7da9a6904e1f28981146ec01a0323623e12a8579d30a3960a79" => cmd.call('mssql-result'),
      "5c2bc0f0568d11451d6cf83aff02ee3d47211265b52b6c5d45f8e57290b35082" => cmd.call('mssql-getdate'),
      # oracle
      "bash -c 'type \"sqlplus\"'" => cmd.call('oracle-cmd'),
--- a/test/integration/default/controls/mssql_session_spec.rb
+++ b/test/integration/default/controls/mssql_session_spec.rb
@ -0,0 +1,12 @@
+# encoding: utf-8
+
+# the following test will query the MSSQL database for the Server Property of IsIntegratedSecurityOnly which should be
+# 0 which means that it is using both Windows Authentication and SQL Server Authentication.
+# @see https://docs.microsoft.com/en-us/sql/t-sql/functions/serverproperty-transact-sql
+if os.windows?
+  sql_windows_auth = mssql_session(user: 'sa', pass: 'Password12!', instance: 'SQL2012SP1')
+  describe sql_windows_auth.query("SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";").row(0).column('login_mode') do
+    its('value') { should_not be_empty }
+    its('value') { should cmp == 1 }
+  end
+end
--- a/test/unit/resources/mssql_session_test.rb
+++ b/test/unit/resources/mssql_session_test.rb
@ -5,18 +5,37 @@
 require 'helper'

 describe 'Inspec::Resources::MssqlSession' do
-  it 'verify mssql_session configuration' do
-    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'localhost')
+  it 'verify default mssql_session configuration' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password')
    _(resource.user).must_equal 'sa'
    _(resource.password).must_equal 'yourStrong(!)Password'
    _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1433'
+  end
+
+  it 'verify mssql_session configuration with custom hostname' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'inspec.domain.tld')
+    _(resource.user).must_equal 'sa'
+    _(resource.password).must_equal 'yourStrong(!)Password'
+    _(resource.host).must_equal 'inspec.domain.tld'
+    _(resource.port).must_equal '1433'
+  end
+
+  it 'verify mssql_session configuration with custom instance' do
+    resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', instance: 'SQL2012INSPEC')
+    _(resource.user).must_equal 'sa'
+    _(resource.password).must_equal 'yourStrong(!)Password'
+    _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1433'
+    _(resource.instance).must_equal 'SQL2012INSPEC'
  end

  it 'verify mssql_session configuration with custom sqlserver port and user in domain' do
-    resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost,1533')
+    resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost', port: '1533')
    _(resource.user).must_equal 'DOMAIN\sa'
    _(resource.password).must_equal 'yourStrong(!)Password'
-    _(resource.host).must_equal 'localhost,1533'
+    _(resource.host).must_equal 'localhost'
+    _(resource.port).must_equal '1533'
  end

  it 'run a SQL query' do