mirror of
https://github.com/inspec/inspec
synced 2024-11-30 08:30:39 +00:00
http resource: Make remote worker the default (#2520)
* http resource: Make remote worker the default Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
This commit is contained in:
parent
ecbede56fa
commit
9ebd807ea4
2 changed files with 19 additions and 37 deletions
|
@ -6,13 +6,6 @@ title: About the http Resource
|
|||
|
||||
Use the `http` InSpec audit resource to test an http endpoint.
|
||||
|
||||
<p class="warning">In InSpec 1.40 and earlier, this resource always executes on the host on which <code>inspec exec</code> is run, even if you use the <code>--target</code> option to remotely scan a different host.<br>
|
||||
<br>
|
||||
Beginning with InSpec 1.41, you can enable the ability to have the HTTP test execute on the remote target, provided <code>curl</code> is available. See the "Local vs. Remote" section below.<br>
|
||||
<br>
|
||||
Executing the HTTP test on the remote target will be the default behavior in InSpec 2.0.
|
||||
</p>
|
||||
|
||||
<br>
|
||||
|
||||
## Syntax
|
||||
|
@ -38,15 +31,6 @@ where
|
|||
* `ssl_verify` may be specified to enable or disable verification of SSL certificates (default to `true`)
|
||||
|
||||
<br>
|
||||
## Local vs. Remote
|
||||
|
||||
Beginning with InSpec 1.41, you can enable the ability to have the HTTP test execute on the remote target:
|
||||
|
||||
describe http('http://www.example.com', enable_remote_worker: true) do
|
||||
its('body') { should cmp 'awesome' }
|
||||
end
|
||||
|
||||
In InSpec 2.0, the HTTP test will automatically execute remotely whenever InSpec is testing a remote node.
|
||||
|
||||
## Examples
|
||||
|
||||
|
|
|
@ -22,23 +22,27 @@ module Inspec::Resources
|
|||
its('Content-Length') { should cmp 258 }
|
||||
its('Content-Type') { should cmp 'text/html; charset=UTF-8' }
|
||||
end
|
||||
|
||||
# properly execute the HTTP call on the scanned machine instead of the
|
||||
# machine executing InSpec. This will be the default behavior in InSpec 2.0.
|
||||
describe http('http://localhost:8080', enable_remote_worker: true) do
|
||||
its('body') { should cmp 'local web server on target machine' }
|
||||
end
|
||||
"
|
||||
|
||||
def initialize(url, opts = {})
|
||||
@url = url
|
||||
@opts = opts
|
||||
|
||||
if use_remote_worker?
|
||||
return skip_resource 'curl is not available on the target machine' unless inspec.command('curl').exist?
|
||||
@worker = Worker::Remote.new(inspec, http_method, url, opts)
|
||||
else
|
||||
# Prior to InSpec 2.0 the HTTP test had to be instructed to run on the
|
||||
# remote target machine. This warning will be removed after a few months
|
||||
# to give users an opportunity to remove the unused option from their
|
||||
# profiles.
|
||||
if opts.key?(:enable_remote_worker) && !inspec.local_transport?
|
||||
warn 'Ignoring `enable_remote_worker` option, the `http` resource ',
|
||||
'remote worker is enabled by default for remote targets and ',
|
||||
'cannot be disabled'
|
||||
end
|
||||
|
||||
# Run locally if InSpec is ran locally and remotely if ran remotely
|
||||
if inspec.local_transport?
|
||||
@worker = Worker::Local.new(http_method, url, opts)
|
||||
else
|
||||
@worker = Worker::Remote.new(inspec, http_method, url, opts)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -62,17 +66,6 @@ module Inspec::Resources
|
|||
"http #{http_method} on #{@url}"
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def use_remote_worker?
|
||||
return false if inspec.local_transport?
|
||||
return true if @opts[:enable_remote_worker]
|
||||
|
||||
warn "[DEPRECATION] #{self} will execute locally instead of the target machine. To execute remotely, add `enable_remote_worker: true`."
|
||||
warn '[DEPRECATION] `enable_remote_worker: true` will be the default behavior in InSpec 2.0.'
|
||||
false
|
||||
end
|
||||
|
||||
class Worker
|
||||
class Base
|
||||
attr_reader :http_method, :opts, :url
|
||||
|
@ -154,6 +147,11 @@ module Inspec::Resources
|
|||
attr_reader :inspec
|
||||
|
||||
def initialize(inspec, http_method, url, opts)
|
||||
unless inspec.command('curl').exist?
|
||||
raise Inspec::Exceptions::ResourceSkipped,
|
||||
'curl is not available on the target machine'
|
||||
end
|
||||
|
||||
@inspec = inspec
|
||||
super(http_method, url, opts)
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue