From c7d902875a885fd429ed7936ada9275a2d89213a Mon Sep 17 00:00:00 2001 From: Vasu1105 Date: Thu, 21 Apr 2022 12:37:10 +0530 Subject: [PATCH] CFINSPEC-183: Rename artifact commands to inspec sign Signed-off-by: Vasu1105 --- .../inspec-artifact/lib/inspec-artifact.rb | 12 ------- .../inspec-sign.gemspec} | 4 +-- lib/plugins/inspec-sign/lib/inspec-sign.rb | 12 +++++++ .../lib/inspec-sign}/base.rb | 21 ++---------- .../lib/inspec-sign}/cli.rb | 33 ++++++++----------- .../test/functional/inspec_sign_test.rb} | 14 ++++---- 6 files changed, 35 insertions(+), 61 deletions(-) delete mode 100644 lib/plugins/inspec-artifact/lib/inspec-artifact.rb rename lib/plugins/{inspec-artifact/inspec-artifact.gemspec => inspec-sign/inspec-sign.gemspec} (87%) create mode 100644 lib/plugins/inspec-sign/lib/inspec-sign.rb rename lib/plugins/{inspec-artifact/lib/inspec-artifact => inspec-sign/lib/inspec-sign}/base.rb (90%) rename lib/plugins/{inspec-artifact/lib/inspec-artifact => inspec-sign/lib/inspec-sign}/cli.rb (76%) rename lib/plugins/{inspec-artifact/test/functional/inspec_artifact_test.rb => inspec-sign/test/functional/inspec_sign_test.rb} (70%) diff --git a/lib/plugins/inspec-artifact/lib/inspec-artifact.rb b/lib/plugins/inspec-artifact/lib/inspec-artifact.rb deleted file mode 100644 index 783d5e425..000000000 --- a/lib/plugins/inspec-artifact/lib/inspec-artifact.rb +++ /dev/null @@ -1,12 +0,0 @@ -module InspecPlugins - module Artifact - class Plugin < Inspec.plugin(2) - plugin_name :'inspec-artifact' - - cli_command :artifact do - require_relative "inspec-artifact/cli" - InspecPlugins::Artifact::CLI - end - end - end -end diff --git a/lib/plugins/inspec-artifact/inspec-artifact.gemspec b/lib/plugins/inspec-sign/inspec-sign.gemspec similarity index 87% rename from lib/plugins/inspec-artifact/inspec-artifact.gemspec rename to lib/plugins/inspec-sign/inspec-sign.gemspec index 9a1a0bc6a..eb62fd377 100644 --- a/lib/plugins/inspec-artifact/inspec-artifact.gemspec +++ b/lib/plugins/inspec-sign/inspec-sign.gemspec @@ -2,8 +2,8 @@ # These specs are used in plugin list and search command Gem::Specification.new do |spec| - spec.name = "inspec-artifact" + spec.name = "inspec-sign" spec.summary = "" spec.description = "Plugin to generate asymmetrical keys that you can use to encrypt profiles" spec.license = "Apache-2.0" -end \ No newline at end of file +end diff --git a/lib/plugins/inspec-sign/lib/inspec-sign.rb b/lib/plugins/inspec-sign/lib/inspec-sign.rb new file mode 100644 index 000000000..86cf704b5 --- /dev/null +++ b/lib/plugins/inspec-sign/lib/inspec-sign.rb @@ -0,0 +1,12 @@ +module InspecPlugins + module Sign + class Plugin < Inspec.plugin(2) + plugin_name :'inspec-sign' + + cli_command :sign do + require_relative "inspec-sign/cli" + InspecPlugins::Sign::CLI + end + end + end +end diff --git a/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb b/lib/plugins/inspec-sign/lib/inspec-sign/base.rb similarity index 90% rename from lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb rename to lib/plugins/inspec-sign/lib/inspec-sign/base.rb index e7784704a..390c06eee 100644 --- a/lib/plugins/inspec-artifact/lib/inspec-artifact/base.rb +++ b/lib/plugins/inspec-sign/lib/inspec-sign/base.rb @@ -8,7 +8,7 @@ require "inspec/dist" require "inspec/utils/json_profile_summary" module InspecPlugins - module Artifact + module Sign class Base include Inspec::Dist @@ -74,7 +74,7 @@ module InspecPlugins def self.profile_verify(options) artifact = new - file_to_verifiy = options["infile"] + file_to_verifiy = options["signed_profile"] puts "Verifying #{file_to_verifiy}" artifact.verify(file_to_verifiy) do || @@ -82,23 +82,6 @@ module InspecPlugins end end - def self.profile_install(options) - artifact = new - puts "Installing profile" - file_to_verifiy = options["infile"] - dest_dir = options["destdir"] - artifact.verify(file_to_verifiy) do |content| - Dir.mktmpdir do |workdir| - tmpfile = Pathname.new(workdir).join("artifact_to_install.tar.gz") - File.open(tmpfile, "wb") do |f| - f.write content - end - puts "Installing to #{dest_dir}" - `tar xzf #{tmpfile} -C #{dest_dir}` - end - end - end - def read_profile_metadata(path_to_profile) begin p = Pathname.new(path_to_profile) diff --git a/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb b/lib/plugins/inspec-sign/lib/inspec-sign/cli.rb similarity index 76% rename from lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb rename to lib/plugins/inspec-sign/lib/inspec-sign/cli.rb index b9b1f17ad..540d5731f 100644 --- a/lib/plugins/inspec-artifact/lib/inspec-artifact/cli.rb +++ b/lib/plugins/inspec-sign/lib/inspec-sign/cli.rb @@ -70,46 +70,39 @@ require "inspec/dist" # To extract the raw content from a .iaf: # sed '1,/^$/d' foo.iaf +# inspec artifact is renamed to inspec sign + module InspecPlugins - module Artifact + module Sign class CLI < Inspec.plugin(2, :cli_command) include Inspec::Dist - subcommand_desc "artifact SUBCOMMAND", "Manage #{PRODUCT_NAME} Artifacts" + subcommand_desc "sign SUBCOMMAND", "Manage #{PRODUCT_NAME} profile signing." - desc "generate", "Generate a RSA key pair for signing and verification" + desc "generate-keys", "Generate a RSA key pair for signing and verification" option :keyname, type: :string, required: true, desc: "Desriptive name of key" option :keydir, type: :string, default: "./", desc: "Directory to search for keys" def generate_keys puts "Generating keys" - InspecPlugins::Artifact::Base.keygen(options) + InspecPlugins::Sign::Base.keygen(options) end - desc "sign-profile", "Create a signed .iaf artifact" + desc "profile", "Create a signed .iaf artifact" option :profile, type: :string, required: true, desc: "Path to profile directory" option :keyname, type: :string, required: true, desc: "Desriptive name of key" - def sign_profile - InspecPlugins::Artifact::Base.profile_sign(options) + def profile + InspecPlugins::Sign::Base.profile_sign(options) end - desc "verify-profile", "Verify a signed .iaf artifact" - option :infile, type: :string, required: true, + desc "verify", "Verify a signed .iaf artifact" + option :signed_profile, type: :string, required: true, desc: ".iaf file to verify" - def verify_profile - InspecPlugins::Artifact::Base.profile_verify(options) - end - - desc "install-profile", "Verify and install a signed .iaf artifact" - option :infile, type: :string, required: true, - desc: ".iaf file to install" - option :destdir, type: :string, required: true, - desc: "Installation directory" - def install_profile - InspecPlugins::Artifact::Base.profile_install(options) + def verify + InspecPlugins::Sign::Base.profile_verify(options) end end end diff --git a/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb b/lib/plugins/inspec-sign/test/functional/inspec_sign_test.rb similarity index 70% rename from lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb rename to lib/plugins/inspec-sign/test/functional/inspec_sign_test.rb index f5247d4c9..bf88f37fa 100644 --- a/lib/plugins/inspec-artifact/test/functional/inspec_artifact_test.rb +++ b/lib/plugins/inspec-sign/test/functional/inspec_sign_test.rb @@ -2,7 +2,7 @@ require "fileutils" unless defined?(FileUtils) require "plugins/shared/core_plugin_test_helper" require "securerandom" unless defined?(SecureRandom) -class ArtifactCli < Minitest::Test +class SignCli < Minitest::Test include CorePluginFunctionalHelper def test_generating_archive_keys @@ -10,7 +10,7 @@ class ArtifactCli < Minitest::Test skip_windows! # Breakage confirmed, only on CI: https://buildkite.com/chef-oss/inspec-inspec-master-verify/builds/2355#2c9d032e-4a24-4e7c-aef2-1c9e2317d9e2 unique_key_name = SecureRandom.uuid - out = run_inspec_process("artifact generate --keyname #{unique_key_name}", prefix: "cd #{dir};") + out = run_inspec_process("sign generate-keys --keyname #{unique_key_name}", prefix: "cd #{dir};") stdout = out.stdout.force_encoding(Encoding::UTF_8) assert_includes stdout, "Generating private key" @@ -32,10 +32,10 @@ class ArtifactCli < Minitest::Test profile = File.join(dir, "artifact-profile") run_inspec_process("init profile artifact-profile", prefix: "cd #{dir};") - out = run_inspec_process("artifact generate --keyname #{unique_key_name}", prefix: "cd #{dir};") + out = run_inspec_process("sign generate-keys --keyname #{unique_key_name}", prefix: "cd #{dir};") assert_exit_code 0, out - out = run_inspec_process("artifact sign-profile --profile #{profile} --keyname #{unique_key_name}", prefix: "cd #{dir};") + out = run_inspec_process("sign profile --profile #{profile} --keyname #{unique_key_name}", prefix: "cd #{dir};") assert_exit_code 0, out # The archive install commands do not currently support windows @@ -43,12 +43,10 @@ class ArtifactCli < Minitest::Test # still experimental we are skipping it for now. return if is_windows? - out = run_inspec_process("artifact install-profile --infile artifact-profile-0.1.0.iaf --destdir #{install_dir}", prefix: "cd #{dir};") + out = run_inspec_process("sign verify --signed-profile artifact-profile-0.1.0.iaf", prefix: "cd #{dir};") assert_exit_code 0, out - assert_includes out.stdout.force_encoding(Encoding::UTF_8), "Installing to #{install_dir}" - assert_includes Dir.entries(install_dir).join, "inspec.yml" - assert_includes Dir.entries(install_dir).join, "inspec.json" + assert_includes out.stdout.force_encoding(Encoding::UTF_8), "Verifying artifact-profile-0.1.0.iaf" assert_exit_code 0, out end end