mirror of
https://github.com/inspec/inspec
synced 2024-09-20 14:31:58 +00:00
Merge pull request #5757 from inspec/vasundhara/add_proxy_parameter_to_http_resource
Add proxy parameter to http resource
This commit is contained in:
commit
a8170b257c
3 changed files with 70 additions and 5 deletions
|
@ -168,6 +168,42 @@ Beginning with Chef InSpec 1.41, you can enable the ability to have the HTTP tes
|
|||
...
|
||||
end
|
||||
|
||||
### proxy
|
||||
|
||||
Specify a `proxy` to test by passing in the proxy URI or a hash of the proxy URI, a username, and password. Specify `disable` to ignore a proxy set as an environment variable.
|
||||
|
||||
You can include the username and password in the `proxy` parameter:
|
||||
|
||||
describe http('http://localhost:8080/ping', proxy: "http://username:password@www.example.com:3128") do
|
||||
...
|
||||
end
|
||||
|
||||
The `proxy` parameter also accepts proxy options in hash format:
|
||||
|
||||
describe http('http://localhost:8080/ping', proxy: { uri: 'http://www.example.com:3128', user: 'username', password: 'proxypassword'}) do
|
||||
...
|
||||
end
|
||||
|
||||
Use `disable` to ignore the proxy set in the environment variable:
|
||||
|
||||
describe http('http://localhost:8080/ping', proxy: 'disable') do
|
||||
...
|
||||
end
|
||||
|
||||
{{< note >}}
|
||||
|
||||
Windows remote targets do not accept username and password values in a string; use the hash format instead.
|
||||
|
||||
{{< /note >}}
|
||||
|
||||
{{< note >}}
|
||||
|
||||
Special characters in the URI must be converted to their UTF-8 equivalent when passed in to the `proxy` parameter as a string. For example, the string `http://username:bar@123@www.example.com:3128` must be passed in as `http://username:bar%40123@www.example.com:3128` instead.
|
||||
|
||||
Special characters may be passed into the hash format without conversion to UTF-8 characters.
|
||||
|
||||
{{< /note >}}
|
||||
|
||||
## Properties
|
||||
|
||||
### body
|
||||
|
|
|
@ -121,6 +121,10 @@ module Inspec::Resources
|
|||
def max_redirects
|
||||
opts.fetch(:max_redirects, nil)
|
||||
end
|
||||
|
||||
def proxy
|
||||
opts.fetch(:proxy, nil)
|
||||
end
|
||||
end
|
||||
|
||||
class Local < Base
|
||||
|
@ -141,12 +145,18 @@ module Inspec::Resources
|
|||
def response
|
||||
return @response if @response
|
||||
|
||||
Faraday.ignore_env_proxy = true if proxy == "disable"
|
||||
|
||||
conn = Faraday.new(url: url, headers: request_headers, params: params, ssl: { verify: ssl_verify? }) do |builder|
|
||||
builder.request :url_encoded
|
||||
builder.use FaradayMiddleware::FollowRedirects, limit: max_redirects unless max_redirects.nil?
|
||||
builder.adapter Faraday.default_adapter
|
||||
end
|
||||
|
||||
unless proxy == "disable" || proxy.nil?
|
||||
conn.proxy = proxy
|
||||
end
|
||||
|
||||
# set basic authentication
|
||||
conn.basic_auth username, password unless username.nil? || password.nil?
|
||||
|
||||
|
@ -252,6 +262,14 @@ module Inspec::Resources
|
|||
cmd << "-X #{http_method}"
|
||||
end
|
||||
|
||||
cmd << "--noproxy '*'" if proxy == "disable"
|
||||
unless proxy == "disable" || proxy.nil?
|
||||
if proxy.is_a?(Hash)
|
||||
cmd << "--proxy #{proxy[:uri]} --proxy-user #{proxy[:user]}:#{proxy[:password]}"
|
||||
else
|
||||
cmd << "--proxy #{proxy}"
|
||||
end
|
||||
end
|
||||
cmd << "--connect-timeout #{open_timeout}"
|
||||
cmd << "--max-time #{open_timeout + read_timeout}"
|
||||
cmd << "--user \'#{username}:#{password}\'" unless username.nil? || password.nil?
|
||||
|
@ -292,6 +310,17 @@ module Inspec::Resources
|
|||
else
|
||||
cmd << "'#{url}?#{params.map { |e| e.join("=") }.join("&")}'"
|
||||
end
|
||||
|
||||
proxy_script = ""
|
||||
unless proxy == "disable" || proxy.nil?
|
||||
cmd << "-Proxy #{proxy[:uri]}"
|
||||
cmd << "-ProxyCredential $proxyCreds"
|
||||
proxy_script = <<-EOH
|
||||
$secPasswd = ConvertTo-SecureString "#{proxy[:password]}" -AsPlainText -Force
|
||||
$proxyCreds = New-Object System.Management.Automation.PSCredential -ArgumentList "#{proxy[:user]}",$secPasswd
|
||||
EOH
|
||||
end
|
||||
|
||||
command = cmd.join(" ")
|
||||
body = "\'#{request_body}\'"
|
||||
script = <<-EOH
|
||||
|
@ -302,10 +331,10 @@ module Inspec::Resources
|
|||
foreach ($property in $Body.PSObject.Properties) {
|
||||
$HashTable[$property.Name] = $property.Value
|
||||
}
|
||||
$response = #{command} -Body $HashTable
|
||||
$response = #{command} -Body $HashTable -UseBasicParsing
|
||||
$response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error
|
||||
EOH
|
||||
script.strip
|
||||
proxy_script.strip + "\n" + script.strip
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -543,9 +543,9 @@ class MockLoader
|
|||
"curl -i -X OPTIONS --connect-timeout 60 --max-time 120 -H 'Access-Control-Request-Method: GET' -H 'Access-Control-Request-Headers: origin, x-requested-with' -H 'Origin: http://www.example.com' 'http://www.example.com'" => cmd.call("http-remote-options-request"),
|
||||
|
||||
# http resource - windows
|
||||
"$body = \n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method HEAD -TimeoutSec 120 'https://www.example.com' -Body $HashTable\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-no-options"),
|
||||
"$body = \n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method GET -TimeoutSec 120 'https://www.example.com' -Body $HashTable\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-head"),
|
||||
"$body = '{ \"a\" : \"1\", \"b\" : \"five\" }'\n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method POST -TimeoutSec 120 'https://www.example.com' -Body $HashTable\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-head"),
|
||||
"\n$body = \n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method HEAD -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-no-options"),
|
||||
"\n$body = \n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method GET -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-head"),
|
||||
"\n$body = '{ \"a\" : \"1\", \"b\" : \"five\" }'\n $Body = $body | ConvertFrom-Json\n #convert to hashtable\n $HashTable = @{}\n foreach ($property in $Body.PSObject.Properties) {\n $HashTable[$property.Name] = $property.Value\n }\n $response = Invoke-WebRequest -Method POST -TimeoutSec 120 'https://www.example.com' -Body $HashTable -UseBasicParsing\n $response | Select-Object -Property * | ConvertTo-json # We use `Select-Object -Property * ` to get around an odd PowerShell error" => cmd.call("http-windows-remote-head"),
|
||||
# elasticsearch resource
|
||||
"curl -H 'Content-Type: application/json' http://localhost:9200/_nodes" => cmd.call("elasticsearch-cluster-nodes-default"),
|
||||
"curl -k -H 'Content-Type: application/json' http://localhost:9200/_nodes" => cmd.call("elasticsearch-cluster-no-ssl"),
|
||||
|
|
Loading…
Reference in a new issue