From d5be4c2927f18525e1696660d45c8c1f8b7bb588 Mon Sep 17 00:00:00 2001 From: Clinton Wolfe Date: Mon, 25 May 2020 20:58:51 -0400 Subject: [PATCH] Test kitchen setup to test detection of audit-cookbook Signed-off-by: Clinton Wolfe --- kitchen.run_context.yml | 20 +++++++++++++++++++ .../utils/telemetry/run_context_probe.rb | 4 ++-- .../controls/after-audit.rb | 16 +++++++++++++++ .../run-context-after-audit/inspec.yml | 10 ++++++++++ 4 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 test/integration/run-context-after-audit/controls/after-audit.rb create mode 100644 test/integration/run-context-after-audit/inspec.yml diff --git a/kitchen.run_context.yml b/kitchen.run_context.yml index d2e4e7f84..9ad992edc 100644 --- a/kitchen.run_context.yml +++ b/kitchen.run_context.yml @@ -13,6 +13,7 @@ verifier: lifecycle: # This pre_create hook, along with the install_inspec cookbook, ensures that # the VM has a version of InSpec that matches that built from source. + # Note that audit cookbook will ignore this. pre_create: - local: cd inspec-bin && gem build inspec-core-bin.gemspec --output ../test/kitchen/cookbooks/install_inspec/files/inspec-core-bin.gem - local: gem build inspec-core.gemspec --output test/kitchen/cookbooks/install_inspec/files/inspec-core.gem @@ -27,3 +28,22 @@ suites: - name: run-context-tk run_list: - recipe[install_inspec] + + # This test suite uses a pair of profiles to check the Telemetry Run Context + # detection system under audit cookbook. + - name: run-context-after-audit + run_list: + - recipe[install_inspec] + - recipe[audit] + attributes: + audit: + profiles: + # This actually runs during converge time, and performs the stack + # probe that we care about. It writes a JSON copy of the stack that + # it saw to /tmp/audit_stack.json . run-context-after-audit examines + # that JSON file and runs it through the context probe to see what it gets. + run-context-during-audit: + # This should work but doesn't :-( + # path: <%= Dir.pwd %>/test/integration/run-context-during-audit/ + url: https://github.com/inspec/inspec-test-profile-run-context-audit/archive/v0.3.2.zip + diff --git a/lib/inspec/utils/telemetry/run_context_probe.rb b/lib/inspec/utils/telemetry/run_context_probe.rb index 7ef63e461..4a2eb886b 100644 --- a/lib/inspec/utils/telemetry/run_context_probe.rb +++ b/lib/inspec/utils/telemetry/run_context_probe.rb @@ -4,8 +4,8 @@ module Inspec # All stack values here are determined experimentally class RunContextProbe - def self.guess_run_context - stack = caller_locations + def self.guess_run_context(stack = nil) + stack ||= caller_locations return "test-kitchen" if kitchen?(stack) return "cli" if run_by_thor?(stack) return "audit-cookbook" if audit_cookbook?(stack) diff --git a/test/integration/run-context-after-audit/controls/after-audit.rb b/test/integration/run-context-after-audit/controls/after-audit.rb new file mode 100644 index 000000000..89a1b105d --- /dev/null +++ b/test/integration/run-context-after-audit/controls/after-audit.rb @@ -0,0 +1,16 @@ + +# run-context-during-audit should have left a file with a JSON +# representation of the stack as experienced by the audit cookbook. + +raw_data = JSON.parse(file("/tmp/audit_stack.json").content) +# These aren't really stack frames, so we do some duck typing +Frame = Struct.new(:absolute_path, :label) +reconstructed_stack = raw_data.map{ |f| Frame.new(f["absolute_path"], f["label"]) } + +require "inspec/utils/telemetry/run_context_probe" + +control "run-context" do + describe Inspec::Telemetry::RunContextProbe.guess_run_context(reconstructed_stack) do + it { should eq "audit-cookbook" } + end +end diff --git a/test/integration/run-context-after-audit/inspec.yml b/test/integration/run-context-after-audit/inspec.yml new file mode 100644 index 000000000..2eebfcd50 --- /dev/null +++ b/test/integration/run-context-after-audit/inspec.yml @@ -0,0 +1,10 @@ +name: run-context-after-audit +title: InSpec Profile +maintainer: InSpec Engineering +copyright: Chef Software, Inc. +copyright_email: inspec@chef.io +license: Apache-2.0 +summary: An InSpec Compliance Profile to test inspec run context detection under audit-cookbook +version: 0.1.0 +supports: + platform: os