mirror of
https://github.com/inspec/inspec
synced 2024-11-27 07:00:39 +00:00
mssql_session resource: add port parameter (#2429)
* adding SQL 2012 SP1 for mssql_session testing Signed-off-by: Vern Burton <me@vernburton.com> * updating SHA to match new commands with ports in them Signed-off-by: Vern Burton <me@vernburton.com> * adding port, and a default value and moving from skip_resource to resource_fail Signed-off-by: Vern Burton <me@vernburton.com> * adding new sha for custom host Signed-off-by: Vern Burton <me@vernburton.com> * adding tests for hostname and migrating test that passed port in host to a dedicated port test Signed-off-by: Vern Burton <me@vernburton.com> * adding integration test Signed-off-by: Vern Burton <me@vernburton.com> * removing services as appveyor does not have integration testing running so it would be a waste of time to enable it Signed-off-by: Vern Burton <me@vernburton.com> * mock instance command Signed-off-by: Vern Burton <me@vernburton.com> * making instance readable Signed-off-by: Vern Burton <me@vernburton.com> * adding instance test Signed-off-by: Vern Burton <me@vernburton.com> * moving to ResourceSkipped as ResourceFailed is targeted for a major release Signed-off-by: Vern Burton <me@vernburton.com>
This commit is contained in:
parent
65589f8f78
commit
712ba520ad
4 changed files with 46 additions and 12 deletions
|
@ -25,13 +25,13 @@ module Inspec::Resources
|
|||
|
||||
# Passing no credentials to mssql_session forces it to use Windows authentication
|
||||
sql_windows_auth = mssql_session
|
||||
describe sql.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
|
||||
describe sql_windows_auth.query(\"SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";\").row(0).column('login_mode') do
|
||||
its('value') { should_not be_empty }
|
||||
its('value') { should cmp == 1 }
|
||||
end
|
||||
"
|
||||
|
||||
attr_reader :user, :password, :host
|
||||
attr_reader :user, :password, :host, :port, :instance
|
||||
def initialize(opts = {})
|
||||
@user = opts[:user]
|
||||
@password = opts[:password] || opts[:pass]
|
||||
|
@ -39,12 +39,13 @@ module Inspec::Resources
|
|||
warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
|
||||
end
|
||||
@host = opts[:host] || 'localhost'
|
||||
@port = opts[:port] || '1433'
|
||||
@instance = opts[:instance]
|
||||
|
||||
# check if sqlcmd is available
|
||||
return skip_resource('sqlcmd is missing') if !inspec.command('sqlcmd').exist?
|
||||
raise Inspec::Exceptions::ResourceSkipped, 'sqlcmd is missing' unless inspec.command('sqlcmd').exist?
|
||||
# check that database is reachable
|
||||
return skip_resource("Can't connect to the MS SQL Server.") if !test_connection
|
||||
raise Inspec::Exceptions::ResourceSkipped, "Can't connect to the MS SQL Server." unless test_connection
|
||||
end
|
||||
|
||||
def query(q)
|
||||
|
@ -53,9 +54,9 @@ module Inspec::Resources
|
|||
cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
|
||||
cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
|
||||
if @instance.nil?
|
||||
cmd_string += " -S '#{@host}'"
|
||||
cmd_string += " -S '#{@host},#{@port}'"
|
||||
else
|
||||
cmd_string += " -S '#{@host}\\#{@instance}'"
|
||||
cmd_string += " -S '#{@host},#{@port}\\#{@instance}'"
|
||||
end
|
||||
cmd = inspec.command(cmd_string)
|
||||
out = cmd.stdout + "\n" + cmd.stderr
|
||||
|
|
|
@ -415,8 +415,10 @@ class MockLoader
|
|||
%q(psql --version | awk '{ print $NF }' | awk -F. '{ print $1"."$2 }') => cmd.call('psql-version'),
|
||||
# mssql tests
|
||||
"bash -c 'type \"sqlcmd\"'" => cmd.call('mssql-sqlcmd'),
|
||||
"4b550bb227058ac5851aa0bc946be794ee46489610f17842700136cf8bb5a0e9" => cmd.call('mssql-getdate'),
|
||||
"aeb859a4ae4288df230916075c0de28781a2b215f41d64ed1ea9c3fd633140fa" => cmd.call('mssql-result'),
|
||||
"cb0efcd12206e9690c21ac631a72be9dd87678aa048e6dae16b8e9353ab6dd64" => cmd.call('mssql-getdate'),
|
||||
"e8bece33e9d550af1fc81a5bc1c72b647b3810db3e567ee9f30feb81f4e3b700" => cmd.call('mssql-getdate'),
|
||||
"53d201ff1cfb8867b79200177b8e2e99dedb700c5fbe15e43820011d7e8b941f" => cmd.call('mssql-getdate'),
|
||||
"7d1a7a0f2bd1e7da9a6904e1f28981146ec01a0323623e12a8579d30a3960a79" => cmd.call('mssql-result'),
|
||||
"5c2bc0f0568d11451d6cf83aff02ee3d47211265b52b6c5d45f8e57290b35082" => cmd.call('mssql-getdate'),
|
||||
# oracle
|
||||
"bash -c 'type \"sqlplus\"'" => cmd.call('oracle-cmd'),
|
||||
|
|
12
test/integration/default/controls/mssql_session_spec.rb
Normal file
12
test/integration/default/controls/mssql_session_spec.rb
Normal file
|
@ -0,0 +1,12 @@
|
|||
# encoding: utf-8
|
||||
|
||||
# the following test will query the MSSQL database for the Server Property of IsIntegratedSecurityOnly which should be
|
||||
# 0 which means that it is using both Windows Authentication and SQL Server Authentication.
|
||||
# @see https://docs.microsoft.com/en-us/sql/t-sql/functions/serverproperty-transact-sql
|
||||
if os.windows?
|
||||
sql_windows_auth = mssql_session(user: 'sa', pass: 'Password12!', instance: 'SQL2012SP1')
|
||||
describe sql_windows_auth.query("SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') as \\\"login_mode\\\";").row(0).column('login_mode') do
|
||||
its('value') { should_not be_empty }
|
||||
its('value') { should cmp == 1 }
|
||||
end
|
||||
end
|
|
@ -5,18 +5,37 @@
|
|||
require 'helper'
|
||||
|
||||
describe 'Inspec::Resources::MssqlSession' do
|
||||
it 'verify mssql_session configuration' do
|
||||
resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'localhost')
|
||||
it 'verify default mssql_session configuration' do
|
||||
resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password')
|
||||
_(resource.user).must_equal 'sa'
|
||||
_(resource.password).must_equal 'yourStrong(!)Password'
|
||||
_(resource.host).must_equal 'localhost'
|
||||
_(resource.port).must_equal '1433'
|
||||
end
|
||||
|
||||
it 'verify mssql_session configuration with custom hostname' do
|
||||
resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', host: 'inspec.domain.tld')
|
||||
_(resource.user).must_equal 'sa'
|
||||
_(resource.password).must_equal 'yourStrong(!)Password'
|
||||
_(resource.host).must_equal 'inspec.domain.tld'
|
||||
_(resource.port).must_equal '1433'
|
||||
end
|
||||
|
||||
it 'verify mssql_session configuration with custom instance' do
|
||||
resource = load_resource('mssql_session', user: 'sa', password: 'yourStrong(!)Password', instance: 'SQL2012INSPEC')
|
||||
_(resource.user).must_equal 'sa'
|
||||
_(resource.password).must_equal 'yourStrong(!)Password'
|
||||
_(resource.host).must_equal 'localhost'
|
||||
_(resource.port).must_equal '1433'
|
||||
_(resource.instance).must_equal 'SQL2012INSPEC'
|
||||
end
|
||||
|
||||
it 'verify mssql_session configuration with custom sqlserver port and user in domain' do
|
||||
resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost,1533')
|
||||
resource = load_resource('mssql_session', user: 'DOMAIN\sa', password: 'yourStrong(!)Password', host: 'localhost', port: '1533')
|
||||
_(resource.user).must_equal 'DOMAIN\sa'
|
||||
_(resource.password).must_equal 'yourStrong(!)Password'
|
||||
_(resource.host).must_equal 'localhost,1533'
|
||||
_(resource.host).must_equal 'localhost'
|
||||
_(resource.port).must_equal '1533'
|
||||
end
|
||||
|
||||
it 'run a SQL query' do
|
||||
|
|
Loading…
Reference in a new issue