Store waiver information in control metadata and pass into report run_data

Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2024-11-27 15:10:44 +00:00 · 2019-09-04 13:09:40 -04:00 · 2019-09-04 13:09:40 -04:00 · 9fd0fb242c
commit 9fd0fb242c
parent 43bc7e0343
3 changed files with 15 additions and 6 deletions
--- a/lib/inspec/formatters/base.rb
+++ b/lib/inspec/formatters/base.rb
@ -158,6 +158,7 @@ module Inspec::Formatters
        start_time: example.execution_result.started_at.to_datetime.rfc3339.to_s,
        resource_title: example.metadata[:described_class] || example.metadata[:example_group][:description],
        expectation_message: format_expectation_message(example),
+        waiver_data: example.metadata[:waiver_data],
      }

      unless (pid = example.metadata[:profile_id]).nil?
--- a/lib/inspec/rule.rb
+++ b/lib/inspec/rule.rb
@ -29,6 +29,7 @@ module Inspec
      @resource_dsl
    end

+    attr_reader :__waiver_data
    def initialize(id, profile_id, opts, &block)
      @impact = nil
      @title = nil
@ -292,22 +293,27 @@ module Inspec
      # over time. Its value can be set by many sources, and it keeps a
      # log of each "set" event so that when it is collapsed to a value,
      # it can determine the correct (highest priority) value.
-      waiver_info = input.value
+      # Store in an instance variable for.. later reading???
+      @__waiver_data = input.value
+      __waiver_data["skipped_due_to_waiver"] = false
+      __waiver_data["message"] = ""

      # Waivers should have a hash value with keys possibly including skip and
      # expiration_date. We only care here if it has a skip key and it
      # is yes-like, since all non-skipped waiver operations are handled
      # during reporting phase.
-      return unless waiver_info.key?("skip")
-      return unless waiver_info["skip"].to_s.match(/y|yes|true/i)
+      return unless __waiver_data.key?("skip") && __waiver_data["skip"]

      # OK, the intent is to skip. Does it have an expiration date, and
      # if so, is it in the future?
-      expiry = waiver_info["expiration_date"]
+      expiry = __waiver_data["expiration_date"]
      if expiry
        if expiry.is_a?(Date)
          # It appears that yaml.rb automagically parses dates for us
-          return if expiry < Date.today # If the waiver expired, return - no skip applied
+          if expiry < Date.today # If the waiver expired, return - no skip applied
+            __waiver_data["message"] = "Waiver expired on #{expiry}, evaluating control normally"
+          end
+          return
        else
          ui = Inspec::UI.new
          ui.error("Unable to parse waiver expiration date '#{expiry}' for control #{@__rule_id}")
@ -318,7 +324,8 @@ module Inspec
      # OK, apply a skip.
      @__skip_rule[:result] = true
      @__skip_rule[:type] = :waiver
-      @__skip_rule[:message] = waiver_info["justification"]
+      @__skip_rule[:message] = __waiver_data["justification"]
+      __waiver_data["skipped_due_to_waiver"] = true
    end

    #
--- a/lib/inspec/runner_rspec.rb
+++ b/lib/inspec/runner_rspec.rb
@ -171,6 +171,7 @@ module Inspec
      metadata[:descriptions] = rule.descriptions
      metadata[:code] = rule.instance_variable_get(:@__code)
      metadata[:source_location] = rule.instance_variable_get(:@__source_location)
+      metadata[:waiver_data] = rule.__waiver_data
    end
  end
 end