chef-cli 5.5.0 → 5.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -0
- data/lib/chef-cli/builtin_commands.rb +0 -3
- data/lib/chef-cli/command/generate.rb +12 -11
- data/lib/chef-cli/command/generator_commands/chef_exts/quieter_doc_formatter.rb +9 -0
- data/lib/chef-cli/command/generator_commands/cookbook.rb +15 -41
- data/lib/chef-cli/command/{provision.rb → generator_commands/input.rb} +10 -9
- data/lib/chef-cli/command/generator_commands/profile.rb +37 -0
- data/lib/chef-cli/command/generator_commands/waiver.rb +37 -0
- data/lib/chef-cli/generator.rb +15 -0
- data/lib/chef-cli/skeletons/code_generator/recipes/cookbook.rb +10 -40
- data/lib/chef-cli/skeletons/code_generator/recipes/input.rb +13 -0
- data/lib/chef-cli/skeletons/code_generator/recipes/profile.rb +22 -0
- data/lib/chef-cli/skeletons/code_generator/recipes/waiver.rb +13 -0
- data/lib/chef-cli/skeletons/code_generator/templates/default/compliance_dir_README.md.erb +25 -0
- data/lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_control.rb.erb +14 -0
- data/lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_inspec.yml.erb +16 -0
- data/lib/chef-cli/skeletons/code_generator/templates/default/input.yml.erb +8 -0
- data/lib/chef-cli/skeletons/code_generator/templates/default/waiver.yml.erb +10 -0
- data/lib/chef-cli/version.rb +1 -1
- data/spec/spec_helper.rb +2 -0
- data/spec/unit/command/generate_spec.rb +0 -8
- data/spec/unit/command/generator_commands/cookbook_spec.rb +2 -1
- data/spec/unit/command/generator_commands/input_spec.rb +31 -0
- data/spec/unit/command/generator_commands/profile_spec.rb +34 -0
- data/spec/unit/command/generator_commands/waiver_spec.rb +31 -0
- metadata +19 -5
- data/lib/chef-cli/skeletons/code_generator/files/default/delivery-project.toml +0 -32
- data/lib/chef-cli/skeletons/code_generator/templates/default/delivery-project.toml.erb +0 -36
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e8f6584f3f7241a9b2a700c32a5c2562b1d6010527a453405c42c1fba4511a16
|
4
|
+
data.tar.gz: 2b038f40f4f990f3bfeca2c33a4478f23e34895d7a76c8c4f8cfa7bfdc6e522f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '06735193dc5c884a7260fa1d2376e7428635dcffbe846602483c1489c2670a451417ea2de0b22687e82216f76eb2351e1459b246c37ca20b4cdf31bcdf2e15a3'
|
7
|
+
data.tar.gz: 49d095de278a34f76c6fb10943aaaf1589d8bc936e25f916b569ca2beaff20173b5657e953dda4314a8e1f9557662a9c4c375f392920fd17f0a29986ae8f3ab0
|
data/Gemfile
CHANGED
@@ -57,7 +57,4 @@ ChefCLI.commands do |c|
|
|
57
57
|
|
58
58
|
c.builtin "describe-cookbook", :DescribeCookbook, require_path: "chef-cli/command/describe_cookbook",
|
59
59
|
desc: "Prints cookbook checksum information used for cookbook identifier"
|
60
|
-
|
61
|
-
# deprecated command that throws a failure warning if used. This was removed 4.2019
|
62
|
-
c.builtin "provision", :Provision, desc: "Provision VMs and clusters via cookbook", hidden: true
|
63
60
|
end
|
@@ -29,6 +29,9 @@ require_relative "generator_commands/template"
|
|
29
29
|
require_relative "generator_commands/repo"
|
30
30
|
require_relative "generator_commands/policyfile"
|
31
31
|
require_relative "generator_commands/generator_generator"
|
32
|
+
require_relative "generator_commands/input"
|
33
|
+
require_relative "generator_commands/profile"
|
34
|
+
require_relative "generator_commands/waiver"
|
32
35
|
require_relative "../dist"
|
33
36
|
|
34
37
|
module ChefCLI
|
@@ -45,17 +48,19 @@ module ChefCLI
|
|
45
48
|
generators << GeneratorCommand.new(name, class_name, description)
|
46
49
|
end
|
47
50
|
|
48
|
-
generator(:cookbook, :Cookbook, "Generate a single cookbook")
|
49
|
-
generator(:recipe, :Recipe, "Generate a new recipe")
|
50
51
|
generator(:attribute, :Attribute, "Generate an attributes file")
|
51
|
-
generator(:
|
52
|
+
generator(:cookbook, :Cookbook, "Generate a single cookbook")
|
52
53
|
generator(:file, :CookbookFile, "Generate a cookbook file")
|
54
|
+
generator(:generator, :GeneratorGenerator, "Copy #{ChefCLI::Dist::PRODUCT}'s generator cookbook so you can customize it")
|
53
55
|
generator(:helpers, :Helpers, "Generate a cookbook helper file in libraries")
|
54
|
-
generator(:
|
55
|
-
generator(:repo, :Repo, "Generate a #{ChefCLI::Dist::INFRA_PRODUCT} code repository")
|
56
|
+
generator(:input, :Input, "Generate a Compliance Phase #{ChefCLI::Dist::INSPEC_PRODUCT} Input file")
|
56
57
|
generator(:policyfile, :Policyfile, "Generate a Policyfile for use with the install/push commands")
|
57
|
-
generator(:
|
58
|
-
generator(:
|
58
|
+
generator(:profile, :Profile, "Generate a Compliance Phase #{ChefCLI::Dist::INSPEC_PRODUCT} profile")
|
59
|
+
generator(:recipe, :Recipe, "Generate a new recipe")
|
60
|
+
generator(:repo, :Repo, "Generate a #{ChefCLI::Dist::INFRA_PRODUCT} code repository")
|
61
|
+
generator(:resource, :Resource, "Generate a custom resource")
|
62
|
+
generator(:template, :Template, "Generate a file template")
|
63
|
+
generator(:waiver, :Waiver, "Generate a Compliance Phase #{ChefCLI::Dist::INSPEC_PRODUCT} Waiver file")
|
59
64
|
|
60
65
|
def self.banner_headline
|
61
66
|
<<~E
|
@@ -82,10 +87,6 @@ module ChefCLI
|
|
82
87
|
end
|
83
88
|
|
84
89
|
def run(params)
|
85
|
-
if params[0] == "build-cookbook"
|
86
|
-
warn "[DEPRECATION] Chef Workflow (Delivery) is end of life (EOL) as of December 31, 2020 and this generator subcommand has been removed".freeze
|
87
|
-
return 1
|
88
|
-
end
|
89
90
|
if ( generator_spec = generator_for(params[0]) )
|
90
91
|
params.shift
|
91
92
|
generator = GeneratorCommands.build(generator_spec.class_name, params)
|
@@ -32,5 +32,14 @@ module ChefCLI
|
|
32
32
|
|
33
33
|
# Called when cookbook loading starts.
|
34
34
|
def library_load_start(file_count); end
|
35
|
+
|
36
|
+
# Called when cookbook loading starts.
|
37
|
+
def profiles_load_start; end
|
38
|
+
|
39
|
+
# Called when cookbook loading starts.
|
40
|
+
def inputs_load_start; end
|
41
|
+
|
42
|
+
# Called when cookbook loading starts.
|
43
|
+
def waivers_load_start; end
|
35
44
|
end
|
36
45
|
end
|
@@ -65,7 +65,7 @@ module ChefCLI
|
|
65
65
|
option :workflow,
|
66
66
|
short: "-w",
|
67
67
|
long: "--workflow",
|
68
|
-
description: "
|
68
|
+
description: "REMOVED: #{ChefCLI::Dist::WORKFLOW} is EOL. This option has been removed.",
|
69
69
|
boolean: true,
|
70
70
|
default: false
|
71
71
|
|
@@ -85,8 +85,8 @@ module ChefCLI
|
|
85
85
|
|
86
86
|
option :pipeline,
|
87
87
|
long: "--pipeline PIPELINE",
|
88
|
-
description: "
|
89
|
-
default:
|
88
|
+
description: "REMOVED: #{ChefCLI::Dist::WORKFLOW} is EOL. This option has been removed.",
|
89
|
+
default: nil
|
90
90
|
|
91
91
|
options.merge!(SharedGeneratorOptions.options)
|
92
92
|
|
@@ -119,17 +119,12 @@ module ChefCLI
|
|
119
119
|
|
120
120
|
def emit_post_create_message
|
121
121
|
default_recipe_file = yaml ? "default.yml" : "default.rb"
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
msg("\nWhy not start by writing an InSpec test? Tests for the default recipe are stored at:\n")
|
129
|
-
msg("test/integration/default/default_test.rb")
|
130
|
-
msg("\nIf you'd prefer to dive right in, the default recipe can be found at:")
|
131
|
-
msg("\nrecipes/#{default_recipe_file}\n")
|
132
|
-
end
|
122
|
+
msg("Your cookbook is ready. Type `cd #{cookbook_name_or_path}` to enter it.")
|
123
|
+
msg("\nThere are several commands you can run to get started locally developing and testing your cookbook.")
|
124
|
+
msg("\nWhy not start by writing an InSpec test? Tests for the default recipe are stored at:\n")
|
125
|
+
msg("test/integration/default/default_test.rb")
|
126
|
+
msg("\nIf you'd prefer to dive right in, the default recipe can be found at:")
|
127
|
+
msg("\nrecipes/#{default_recipe_file}\n")
|
133
128
|
end
|
134
129
|
|
135
130
|
def setup_context
|
@@ -143,16 +138,10 @@ module ChefCLI
|
|
143
138
|
Generator.add_attr_to_context(:policy_run_list, policy_run_list)
|
144
139
|
Generator.add_attr_to_context(:policy_local_cookbook, ".")
|
145
140
|
|
146
|
-
Generator.add_attr_to_context(:enable_workflow, enable_workflow?)
|
147
|
-
Generator.add_attr_to_context(:workflow_project_dir, cookbook_full_path)
|
148
|
-
Generator.add_attr_to_context(:build_cookbook_parent_is_cookbook, true)
|
149
|
-
Generator.add_attr_to_context(:workflow_project_git_initialized, have_git? && !cookbook_path_in_git_repo?)
|
150
|
-
|
151
141
|
Generator.add_attr_to_context(:verbose, verbose?)
|
152
142
|
Generator.add_attr_to_context(:specs, specs?)
|
153
143
|
|
154
144
|
Generator.add_attr_to_context(:use_policyfile, policy_mode?)
|
155
|
-
Generator.add_attr_to_context(:pipeline, pipeline)
|
156
145
|
Generator.add_attr_to_context(:kitchen, kitchen)
|
157
146
|
Generator.add_attr_to_context(:vscode_dir, create_vscode_dir?)
|
158
147
|
Generator.add_attr_to_context(:yaml, yaml)
|
@@ -162,10 +151,6 @@ module ChefCLI
|
|
162
151
|
config[:kitchen]
|
163
152
|
end
|
164
153
|
|
165
|
-
def pipeline
|
166
|
-
config[:pipeline]
|
167
|
-
end
|
168
|
-
|
169
154
|
def yaml
|
170
155
|
config[:yaml]
|
171
156
|
end
|
@@ -202,10 +187,6 @@ module ChefCLI
|
|
202
187
|
@policy_mode
|
203
188
|
end
|
204
189
|
|
205
|
-
def enable_workflow?
|
206
|
-
config[:workflow]
|
207
|
-
end
|
208
|
-
|
209
190
|
def verbose?
|
210
191
|
@verbose
|
211
192
|
end
|
@@ -214,22 +195,10 @@ module ChefCLI
|
|
214
195
|
@specs
|
215
196
|
end
|
216
197
|
|
217
|
-
#
|
218
|
-
# Is there a .delivery/cli.toml in the current dir or any of the parent dirs
|
219
|
-
#
|
220
|
-
# @return [Boolean]
|
221
|
-
#
|
222
|
-
def have_delivery_config?
|
223
|
-
# delivery-cli's logic is to look recursively upward for
|
224
|
-
# .delivery/cli.toml starting from pwd:
|
225
|
-
# https://github.com/chef/delivery-cli/blob/22cbef3987ebd0aee98405b7e161a100edc87e49/src/delivery/config/mod.rs#L225-L247
|
226
|
-
|
227
|
-
Pathname.pwd.ascend.any? { |path| path.join(".delivery/cli.toml").exist? }
|
228
|
-
end
|
229
|
-
|
230
198
|
def read_and_validate_params
|
231
199
|
arguments = parse_options(params)
|
232
200
|
@cookbook_name_or_path = arguments[0]
|
201
|
+
|
233
202
|
if !@cookbook_name_or_path
|
234
203
|
@params_valid = false
|
235
204
|
elsif File.basename(@cookbook_name_or_path).include?("-")
|
@@ -241,6 +210,11 @@ module ChefCLI
|
|
241
210
|
@params_valid = false
|
242
211
|
end
|
243
212
|
|
213
|
+
if config[:workflow] || config[:pipeline]
|
214
|
+
err("[DEPRECATION] Chef Workflow (Delivery) is end of life (EOL) as of December 31, 2020 and the --workflow and --pipeline flags have been removed")
|
215
|
+
@params_valid = false
|
216
|
+
end
|
217
|
+
|
244
218
|
if config[:berks]
|
245
219
|
@policy_mode = false
|
246
220
|
end
|
@@ -15,22 +15,23 @@
|
|
15
15
|
# limitations under the License.
|
16
16
|
#
|
17
17
|
|
18
|
-
require_relative "
|
19
|
-
require_relative "
|
20
|
-
require_relative "../dist"
|
18
|
+
require_relative "cookbook_code_file"
|
19
|
+
require_relative "../../dist"
|
21
20
|
|
22
21
|
module ChefCLI
|
23
|
-
|
24
22
|
module Command
|
23
|
+
module GeneratorCommands
|
24
|
+
# chef generate input [path/to/cookbook_root] NAME
|
25
|
+
class Input < CookbookCodeFile
|
25
26
|
|
26
|
-
|
27
|
+
banner "Usage: #{ChefCLI::Dist::EXEC} generate input [path/to/cookbook] NAME [options]"
|
27
28
|
|
28
|
-
|
29
|
+
options.merge!(SharedGeneratorOptions.options)
|
29
30
|
|
30
|
-
|
31
|
-
|
31
|
+
def recipe
|
32
|
+
"input"
|
33
|
+
end
|
32
34
|
end
|
33
|
-
|
34
35
|
end
|
35
36
|
end
|
36
37
|
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Chef Software Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require_relative "cookbook_code_file"
|
19
|
+
require_relative "../../dist"
|
20
|
+
|
21
|
+
module ChefCLI
|
22
|
+
module Command
|
23
|
+
module GeneratorCommands
|
24
|
+
# chef generate profile [path/to/cookbook_root] NAME
|
25
|
+
class Profile < CookbookCodeFile
|
26
|
+
|
27
|
+
banner "Usage: #{ChefCLI::Dist::EXEC} generate profile [path/to/cookbook] NAME [options]"
|
28
|
+
|
29
|
+
options.merge!(SharedGeneratorOptions.options)
|
30
|
+
|
31
|
+
def recipe
|
32
|
+
"profile"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Chef Software Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require_relative "cookbook_code_file"
|
19
|
+
require_relative "../../dist"
|
20
|
+
|
21
|
+
module ChefCLI
|
22
|
+
module Command
|
23
|
+
module GeneratorCommands
|
24
|
+
# chef generate waiver [path/to/cookbook_root] NAME
|
25
|
+
class Waiver < CookbookCodeFile
|
26
|
+
|
27
|
+
banner "Usage: #{ChefCLI::Dist::EXEC} generate waiver [path/to/cookbook] NAME [options]"
|
28
|
+
|
29
|
+
options.merge!(SharedGeneratorOptions.options)
|
30
|
+
|
31
|
+
def recipe
|
32
|
+
"waiver"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
data/lib/chef-cli/generator.rb
CHANGED
@@ -68,6 +68,21 @@ module ChefCLI
|
|
68
68
|
Time.now.year
|
69
69
|
end
|
70
70
|
|
71
|
+
def self.license_long(license = nil)
|
72
|
+
case license
|
73
|
+
when "apachev2"
|
74
|
+
"Apache-2.0"
|
75
|
+
when "mit"
|
76
|
+
"MIT"
|
77
|
+
when "gplv2"
|
78
|
+
"GPL-2.0"
|
79
|
+
when "gplv3"
|
80
|
+
"GPL-3.0"
|
81
|
+
else
|
82
|
+
"All Rights Reserved"
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
71
86
|
# Prints the short description of the license, suitable for use in a
|
72
87
|
# preamble to a file. Optionally specify a comment to prepend to each line.
|
73
88
|
def license_description(comment = nil)
|
@@ -9,23 +9,10 @@ generator_desc('Ensuring correct cookbook content')
|
|
9
9
|
directory cookbook_dir
|
10
10
|
|
11
11
|
# metadata.rb
|
12
|
-
spdx_license = case context.license
|
13
|
-
when 'apachev2'
|
14
|
-
'Apache-2.0'
|
15
|
-
when 'mit'
|
16
|
-
'MIT'
|
17
|
-
when 'gplv2'
|
18
|
-
'GPL-2.0'
|
19
|
-
when 'gplv3'
|
20
|
-
'GPL-3.0'
|
21
|
-
else
|
22
|
-
'All Rights Reserved'
|
23
|
-
end
|
24
|
-
|
25
12
|
template "#{cookbook_dir}/metadata.rb" do
|
26
13
|
helpers(ChefCLI::Generator::TemplateHelper)
|
27
14
|
variables(
|
28
|
-
spdx_license:
|
15
|
+
spdx_license: ChefCLI::Generator::TemplateHelper.license_long(context.license)
|
29
16
|
)
|
30
17
|
action :create_if_missing
|
31
18
|
end
|
@@ -131,20 +118,18 @@ else
|
|
131
118
|
end
|
132
119
|
end
|
133
120
|
|
134
|
-
#
|
135
|
-
|
136
|
-
directory "#{cookbook_dir}
|
137
|
-
|
138
|
-
template "#{cookbook_dir}/.delivery/project.toml" do
|
139
|
-
variables(
|
140
|
-
specs: context.specs
|
141
|
-
)
|
142
|
-
source 'delivery-project.toml.erb'
|
143
|
-
helpers(ChefCLI::Generator::TemplateHelper)
|
144
|
-
action :create_if_missing
|
121
|
+
# compliance phase
|
122
|
+
%w(inputs profiles waivers).each do |dir|
|
123
|
+
directory "#{cookbook_dir}/compliance/#{dir}" do
|
124
|
+
recursive true
|
145
125
|
end
|
146
126
|
end
|
147
127
|
|
128
|
+
template "#{cookbook_dir}/compliance/README.md" do
|
129
|
+
source 'compliance_dir_README.md.erb'
|
130
|
+
action :create_if_missing
|
131
|
+
end
|
132
|
+
|
148
133
|
# git
|
149
134
|
if context.have_git
|
150
135
|
unless context.skip_git_init
|
@@ -189,18 +174,3 @@ if context.vscode_dir
|
|
189
174
|
CONTENT
|
190
175
|
end
|
191
176
|
end
|
192
|
-
|
193
|
-
if context.enable_workflow
|
194
|
-
warn "\n---------WARNING---------\nThe --workflow flag is deprecated as #{ChefCLI::Dist::WORKFLOW} is EOL as of December 2020.\n\nThis flag will be ignored and will be removed in a future release.\n-------------------------\n\n"
|
195
|
-
directory "#{cookbook_dir}/.delivery"
|
196
|
-
|
197
|
-
template "#{cookbook_dir}/.delivery/project.toml" do
|
198
|
-
variables(
|
199
|
-
specs: context.specs
|
200
|
-
)
|
201
|
-
source 'delivery-project.toml.erb'
|
202
|
-
helpers(ChefCLI::Generator::TemplateHelper)
|
203
|
-
action :create_if_missing
|
204
|
-
end
|
205
|
-
|
206
|
-
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
context = ChefCLI::Generator.context
|
2
|
+
cookbook_dir = File.join(context.cookbook_root, context.cookbook_name)
|
3
|
+
input_dir = File.join(cookbook_dir, 'compliance', 'inputs')
|
4
|
+
input_path = File.join(input_dir, "#{context.new_file_basename}.yml")
|
5
|
+
|
6
|
+
directory input_dir do
|
7
|
+
recursive true
|
8
|
+
end
|
9
|
+
|
10
|
+
template input_path do
|
11
|
+
source 'input.yml.erb'
|
12
|
+
helpers(ChefCLI::Generator::TemplateHelper)
|
13
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
context = ChefCLI::Generator.context
|
2
|
+
cookbook_dir = File.join(context.cookbook_root, context.cookbook_name)
|
3
|
+
profile_dir = File.join(cookbook_dir, 'compliance', 'profiles', "#{context.new_file_basename}")
|
4
|
+
control_dir = File.join(profile_dir, 'controls')
|
5
|
+
|
6
|
+
directory control_dir do
|
7
|
+
recursive true
|
8
|
+
end
|
9
|
+
|
10
|
+
template "#{profile_dir}/inspec.yml" do
|
11
|
+
source 'compliance_profile_inspec.yml.erb'
|
12
|
+
helpers(ChefCLI::Generator::TemplateHelper)
|
13
|
+
variables(
|
14
|
+
spdx_license: ChefCLI::Generator::TemplateHelper.license_long(context.license),
|
15
|
+
profile_name: context.new_file_basename
|
16
|
+
)
|
17
|
+
end
|
18
|
+
|
19
|
+
template "#{control_dir}/example.rb" do
|
20
|
+
source 'compliance_profile_control.rb.erb'
|
21
|
+
helpers(ChefCLI::Generator::TemplateHelper)
|
22
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
context = ChefCLI::Generator.context
|
2
|
+
cookbook_dir = File.join(context.cookbook_root, context.cookbook_name)
|
3
|
+
waiver_dir = File.join(cookbook_dir, 'compliance', 'waivers')
|
4
|
+
waiver_path = File.join(waiver_dir, "#{context.new_file_basename}.yml")
|
5
|
+
|
6
|
+
directory waiver_dir do
|
7
|
+
recursive true
|
8
|
+
end
|
9
|
+
|
10
|
+
template waiver_path do
|
11
|
+
source 'waiver.yml.erb'
|
12
|
+
helpers(ChefCLI::Generator::TemplateHelper)
|
13
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# compliance
|
2
|
+
|
3
|
+
This directory contains <%= ChefCLI::Dist::INSPEC_PRODUCT %> profile, waiver and input objects which are used with the <%= ChefCLI::Dist::INFRA_PRODUCT %> Compliance Phase.
|
4
|
+
|
5
|
+
Detailed information on the <%= ChefCLI::Dist::INFRA_PRODUCT %> Compliance Phase can be found in the [Chef Documentation](https://docs.chef.io/chef_compliance_phase/).
|
6
|
+
|
7
|
+
```plain
|
8
|
+
./compliance
|
9
|
+
├── inputs
|
10
|
+
├── profiles
|
11
|
+
└── waivers
|
12
|
+
```
|
13
|
+
|
14
|
+
Use the `<%= ChefCLI::Dist::EXEC %> generate` command from <%= ChefCLI::Dist::PRODUCT %> to create content for these directories:
|
15
|
+
|
16
|
+
```sh
|
17
|
+
# Generate a <%= ChefCLI::Dist::INSPEC_PRODUCT %> profile
|
18
|
+
<%= ChefCLI::Dist::EXEC %> generate profile PROFILE_NAME
|
19
|
+
|
20
|
+
# Generate a <%= ChefCLI::Dist::INSPEC_PRODUCT %> waiver file
|
21
|
+
<%= ChefCLI::Dist::EXEC %> generate waiver WAIVER_NAME
|
22
|
+
|
23
|
+
# Generate a <%= ChefCLI::Dist::INSPEC_PRODUCT %> input file
|
24
|
+
<%= ChefCLI::Dist::EXEC %> generate input INPUT_NAME
|
25
|
+
```
|
data/lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_control.rb.erb
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
# Cookbook:: <%= cookbook_name %>
|
2
|
+
|
3
|
+
# The <%= ChefCLI::Dist::INSPEC_PRODUCT %> reference, with examples and extensive documentation, can be
|
4
|
+
# found at https://docs.chef.io/inspec/resources/
|
5
|
+
|
6
|
+
control 'example_control' do
|
7
|
+
impact 0.7
|
8
|
+
title 'Example Control'
|
9
|
+
desc 'This is an example control. Replace with real test content.'
|
10
|
+
|
11
|
+
describe user('root'), :skip do
|
12
|
+
it { should exist }
|
13
|
+
end
|
14
|
+
end
|
data/lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_inspec.yml.erb
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
---
|
2
|
+
# Cookbook:: <%= cookbook_name %>
|
3
|
+
|
4
|
+
# The <%= ChefCLI::Dist::INSPEC_PRODUCT %> reference, with examples and extensive documentation, can be
|
5
|
+
# found at https://docs.chef.io/inspec/profiles/
|
6
|
+
|
7
|
+
name: <%= @profile_name %>
|
8
|
+
title: <%= @profile_name %>
|
9
|
+
maintainer: <%= copyright_holder %>
|
10
|
+
copyright: <%= copyright_holder %>
|
11
|
+
copyright_email: <%= email %>
|
12
|
+
license: <%= @spdx_license %>
|
13
|
+
summary: A <%= ChefCLI::Dist::INSPEC_PRODUCT %> Compliance Profile
|
14
|
+
version: 0.1.0
|
15
|
+
supports:
|
16
|
+
platform: os
|
@@ -0,0 +1,10 @@
|
|
1
|
+
---
|
2
|
+
# Cookbook:: <%= cookbook_name %>
|
3
|
+
|
4
|
+
# Additional information can be found on the <%= ChefCLI::Dist::INSPEC_PRODUCT %> Documentation site https://docs.chef.io/inspec/waivers/
|
5
|
+
|
6
|
+
# Example Syntax:
|
7
|
+
control_id_to_waive:
|
8
|
+
expiration_date: 2050-12-31
|
9
|
+
run: false
|
10
|
+
justification: "This is the text that will be included with the InSpec report supplying the reason this control is waived."
|
data/lib/chef-cli/version.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
@@ -137,13 +137,5 @@ describe ChefCLI::Command::Generate do
|
|
137
137
|
end
|
138
138
|
|
139
139
|
end
|
140
|
-
|
141
|
-
describe "When build-cookbookis given as subcommand" do
|
142
|
-
it "shows deprecation warning when" do
|
143
|
-
result = generate.run(%w{build-cookbook example})
|
144
|
-
expect(result).to eq(1)
|
145
|
-
end
|
146
|
-
end
|
147
|
-
|
148
140
|
end
|
149
141
|
end
|
@@ -44,6 +44,7 @@ describe ChefCLI::Command::GeneratorCommands::Cookbook do
|
|
44
44
|
CHANGELOG.md
|
45
45
|
recipes
|
46
46
|
recipes/default.rb
|
47
|
+
compliance/README.md
|
47
48
|
}
|
48
49
|
end
|
49
50
|
|
@@ -67,6 +68,7 @@ describe ChefCLI::Command::GeneratorCommands::Cookbook do
|
|
67
68
|
spec/unit
|
68
69
|
spec/unit/recipes
|
69
70
|
spec/unit/recipes/default_spec.rb
|
71
|
+
compliance/README.md
|
70
72
|
}
|
71
73
|
end
|
72
74
|
|
@@ -87,7 +89,6 @@ describe ChefCLI::Command::GeneratorCommands::Cookbook do
|
|
87
89
|
Your cookbook is ready. Type `cd new_cookbook` to enter it.
|
88
90
|
|
89
91
|
There are several commands you can run to get started locally developing and testing your cookbook.
|
90
|
-
Type `delivery local --help` to see a full list of local testing commands.
|
91
92
|
|
92
93
|
Why not start by writing an InSpec test? Tests for the default recipe are stored at:
|
93
94
|
|
@@ -0,0 +1,31 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Chef Software Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require "spec_helper"
|
19
|
+
require "shared/a_file_generator"
|
20
|
+
require "chef-cli/command/generator_commands/input"
|
21
|
+
|
22
|
+
describe ChefCLI::Command::GeneratorCommands::Input do
|
23
|
+
|
24
|
+
include_examples "a file generator" do
|
25
|
+
|
26
|
+
let(:generator_name) { "input" }
|
27
|
+
let(:generated_files) { [ "compliance/inputs/new_input.yml" ] }
|
28
|
+
let(:new_file_name) { "new_input" }
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Chef Software Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require "spec_helper"
|
19
|
+
require "shared/a_file_generator"
|
20
|
+
require "chef-cli/command/generator_commands/profile"
|
21
|
+
|
22
|
+
describe ChefCLI::Command::GeneratorCommands::Profile do
|
23
|
+
|
24
|
+
include_examples "a file generator" do
|
25
|
+
|
26
|
+
let(:generator_name) { "profile" }
|
27
|
+
let(:generated_files) {
|
28
|
+
[ "compliance/profiles/new_profile/inspec.yml",
|
29
|
+
"compliance/profiles/new_profile/controls/example.rb" ]
|
30
|
+
}
|
31
|
+
let(:new_file_name) { "new_profile" }
|
32
|
+
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
#
|
2
|
+
# Copyright:: Chef Software Inc.
|
3
|
+
# License:: Apache License, Version 2.0
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
#
|
17
|
+
|
18
|
+
require "spec_helper"
|
19
|
+
require "shared/a_file_generator"
|
20
|
+
require "chef-cli/command/generator_commands/waiver"
|
21
|
+
|
22
|
+
describe ChefCLI::Command::GeneratorCommands::Waiver do
|
23
|
+
|
24
|
+
include_examples "a file generator" do
|
25
|
+
|
26
|
+
let(:generator_name) { "waiver" }
|
27
|
+
let(:generated_files) { [ "compliance/waivers/new_waiver.yml" ] }
|
28
|
+
let(:new_file_name) { "new_waiver" }
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chef-cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.
|
4
|
+
version: 5.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chef Software, Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-02-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: mixlib-cli
|
@@ -248,13 +248,15 @@ files:
|
|
248
248
|
- lib/chef-cli/command/generator_commands/cookbook_file.rb
|
249
249
|
- lib/chef-cli/command/generator_commands/generator_generator.rb
|
250
250
|
- lib/chef-cli/command/generator_commands/helpers.rb
|
251
|
+
- lib/chef-cli/command/generator_commands/input.rb
|
251
252
|
- lib/chef-cli/command/generator_commands/policyfile.rb
|
253
|
+
- lib/chef-cli/command/generator_commands/profile.rb
|
252
254
|
- lib/chef-cli/command/generator_commands/recipe.rb
|
253
255
|
- lib/chef-cli/command/generator_commands/repo.rb
|
254
256
|
- lib/chef-cli/command/generator_commands/resource.rb
|
255
257
|
- lib/chef-cli/command/generator_commands/template.rb
|
258
|
+
- lib/chef-cli/command/generator_commands/waiver.rb
|
256
259
|
- lib/chef-cli/command/install.rb
|
257
|
-
- lib/chef-cli/command/provision.rb
|
258
260
|
- lib/chef-cli/command/push.rb
|
259
261
|
- lib/chef-cli/command/push_archive.rb
|
260
262
|
- lib/chef-cli/command/shell_init.rb
|
@@ -330,7 +332,6 @@ files:
|
|
330
332
|
- lib/chef-cli/skeletons/code_generator/files/default/chefignore
|
331
333
|
- lib/chef-cli/skeletons/code_generator/files/default/cookbook_readmes/README-policy.md
|
332
334
|
- lib/chef-cli/skeletons/code_generator/files/default/cookbook_readmes/README.md
|
333
|
-
- lib/chef-cli/skeletons/code_generator/files/default/delivery-project.toml
|
334
335
|
- lib/chef-cli/skeletons/code_generator/files/default/gitignore
|
335
336
|
- lib/chef-cli/skeletons/code_generator/files/default/repo/README.md
|
336
337
|
- lib/chef-cli/skeletons/code_generator/files/default/repo/cookbooks/example/README.md
|
@@ -352,11 +353,14 @@ files:
|
|
352
353
|
- lib/chef-cli/skeletons/code_generator/recipes/cookbook.rb
|
353
354
|
- lib/chef-cli/skeletons/code_generator/recipes/cookbook_file.rb
|
354
355
|
- lib/chef-cli/skeletons/code_generator/recipes/helpers.rb
|
356
|
+
- lib/chef-cli/skeletons/code_generator/recipes/input.rb
|
355
357
|
- lib/chef-cli/skeletons/code_generator/recipes/policyfile.rb
|
358
|
+
- lib/chef-cli/skeletons/code_generator/recipes/profile.rb
|
356
359
|
- lib/chef-cli/skeletons/code_generator/recipes/recipe.rb
|
357
360
|
- lib/chef-cli/skeletons/code_generator/recipes/repo.rb
|
358
361
|
- lib/chef-cli/skeletons/code_generator/recipes/resource.rb
|
359
362
|
- lib/chef-cli/skeletons/code_generator/recipes/template.rb
|
363
|
+
- lib/chef-cli/skeletons/code_generator/recipes/waiver.rb
|
360
364
|
- lib/chef-cli/skeletons/code_generator/templates/default/CHANGELOG.md.erb
|
361
365
|
- lib/chef-cli/skeletons/code_generator/templates/default/LICENSE.all_rights.erb
|
362
366
|
- lib/chef-cli/skeletons/code_generator/templates/default/LICENSE.apachev2.erb
|
@@ -366,9 +370,12 @@ files:
|
|
366
370
|
- lib/chef-cli/skeletons/code_generator/templates/default/Policyfile.rb.erb
|
367
371
|
- lib/chef-cli/skeletons/code_generator/templates/default/README.md.erb
|
368
372
|
- lib/chef-cli/skeletons/code_generator/templates/default/attribute.rb.erb
|
373
|
+
- lib/chef-cli/skeletons/code_generator/templates/default/compliance_dir_README.md.erb
|
374
|
+
- lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_control.rb.erb
|
375
|
+
- lib/chef-cli/skeletons/code_generator/templates/default/compliance_profile_inspec.yml.erb
|
369
376
|
- lib/chef-cli/skeletons/code_generator/templates/default/cookbook_file.erb
|
370
|
-
- lib/chef-cli/skeletons/code_generator/templates/default/delivery-project.toml.erb
|
371
377
|
- lib/chef-cli/skeletons/code_generator/templates/default/helpers.rb.erb
|
378
|
+
- lib/chef-cli/skeletons/code_generator/templates/default/input.yml.erb
|
372
379
|
- lib/chef-cli/skeletons/code_generator/templates/default/inspec_default_test.rb.erb
|
373
380
|
- lib/chef-cli/skeletons/code_generator/templates/default/kitchen.yml.erb
|
374
381
|
- lib/chef-cli/skeletons/code_generator/templates/default/kitchen_dokken.yml.erb
|
@@ -380,6 +387,7 @@ files:
|
|
380
387
|
- lib/chef-cli/skeletons/code_generator/templates/default/repo/gitignore.erb
|
381
388
|
- lib/chef-cli/skeletons/code_generator/templates/default/resource.rb.erb
|
382
389
|
- lib/chef-cli/skeletons/code_generator/templates/default/template.erb
|
390
|
+
- lib/chef-cli/skeletons/code_generator/templates/default/waiver.yml.erb
|
383
391
|
- lib/chef-cli/ui.rb
|
384
392
|
- lib/chef-cli/version.rb
|
385
393
|
- lib/kitchen/provisioner/chef_zero_capture.rb
|
@@ -414,11 +422,14 @@ files:
|
|
414
422
|
- spec/unit/command/generator_commands/cookbook_spec.rb
|
415
423
|
- spec/unit/command/generator_commands/generator_generator_spec.rb
|
416
424
|
- spec/unit/command/generator_commands/helpers_spec.rb
|
425
|
+
- spec/unit/command/generator_commands/input_spec.rb
|
417
426
|
- spec/unit/command/generator_commands/policyfile_spec.rb
|
427
|
+
- spec/unit/command/generator_commands/profile_spec.rb
|
418
428
|
- spec/unit/command/generator_commands/recipe_spec.rb
|
419
429
|
- spec/unit/command/generator_commands/repo_spec.rb
|
420
430
|
- spec/unit/command/generator_commands/resource_spec.rb
|
421
431
|
- spec/unit/command/generator_commands/template_spec.rb
|
432
|
+
- spec/unit/command/generator_commands/waiver_spec.rb
|
422
433
|
- spec/unit/command/install_spec.rb
|
423
434
|
- spec/unit/command/push_archive_spec.rb
|
424
435
|
- spec/unit/command/push_spec.rb
|
@@ -637,11 +648,14 @@ test_files:
|
|
637
648
|
- spec/unit/command/generator_commands/cookbook_spec.rb
|
638
649
|
- spec/unit/command/generator_commands/generator_generator_spec.rb
|
639
650
|
- spec/unit/command/generator_commands/helpers_spec.rb
|
651
|
+
- spec/unit/command/generator_commands/input_spec.rb
|
640
652
|
- spec/unit/command/generator_commands/policyfile_spec.rb
|
653
|
+
- spec/unit/command/generator_commands/profile_spec.rb
|
641
654
|
- spec/unit/command/generator_commands/recipe_spec.rb
|
642
655
|
- spec/unit/command/generator_commands/repo_spec.rb
|
643
656
|
- spec/unit/command/generator_commands/resource_spec.rb
|
644
657
|
- spec/unit/command/generator_commands/template_spec.rb
|
658
|
+
- spec/unit/command/generator_commands/waiver_spec.rb
|
645
659
|
- spec/unit/command/install_spec.rb
|
646
660
|
- spec/unit/command/push_archive_spec.rb
|
647
661
|
- spec/unit/command/push_spec.rb
|
@@ -1,32 +0,0 @@
|
|
1
|
-
# Delivery for Local Phases Execution
|
2
|
-
#
|
3
|
-
# This file allows you to execute test phases locally on a workstation or
|
4
|
-
# in a CI pipeline. The delivery-cli will read this file and execute the
|
5
|
-
# command(s) that are configured for each phase. You can customize them
|
6
|
-
# by just modifying the phase key on this file.
|
7
|
-
#
|
8
|
-
# By default these phases are configured for Cookbook Workflow only
|
9
|
-
#
|
10
|
-
|
11
|
-
[local_phases]
|
12
|
-
unit = "chef exec rspec spec/"
|
13
|
-
lint = "chef exec cookstyle"
|
14
|
-
# foodcritic has been deprecated in favor of cookstyle so we skip the syntax
|
15
|
-
# phase now.
|
16
|
-
syntax = "echo skipping syntax phase. Use lint phase instead."
|
17
|
-
provision = "chef exec kitchen create"
|
18
|
-
deploy = "chef exec kitchen converge"
|
19
|
-
smoke = "chef exec kitchen verify"
|
20
|
-
# The functional phase is optional, you can define it by uncommenting
|
21
|
-
# the line below and running the command: `delivery local functional`
|
22
|
-
# functional = ""
|
23
|
-
cleanup = "chef exec kitchen destroy"
|
24
|
-
|
25
|
-
# Remote project.toml file
|
26
|
-
#
|
27
|
-
# Instead of the local phases above, you may specify a remote URI location for
|
28
|
-
# the `project.toml` file. This is useful for teams that wish to centrally
|
29
|
-
# manage the behavior of the `delivery local` command across many different
|
30
|
-
# projects.
|
31
|
-
#
|
32
|
-
# remote_file = "https://url/project.toml"
|
@@ -1,36 +0,0 @@
|
|
1
|
-
# Delivery for Local Phases Execution
|
2
|
-
#
|
3
|
-
# This file allows you to execute test phases locally on a workstation or
|
4
|
-
# in a CI pipeline. The delivery-cli will read this file and execute the
|
5
|
-
# command(s) that are configured for each phase. You can customize them
|
6
|
-
# by just modifying the phase key on this file.
|
7
|
-
#
|
8
|
-
# By default these phases are configured for Cookbook Workflow only
|
9
|
-
#
|
10
|
-
|
11
|
-
[local_phases]
|
12
|
-
<% if @specs %>
|
13
|
-
unit = "chef exec rspec spec/"
|
14
|
-
<% else %>
|
15
|
-
unit = "echo skipping unit phase."
|
16
|
-
<% end %>
|
17
|
-
lint = "chef exec cookstyle"
|
18
|
-
# foodcritic has been deprecated in favor of cookstyle so we skip the syntax
|
19
|
-
# phase now.
|
20
|
-
syntax = "echo skipping syntax phase. Use lint phase instead."
|
21
|
-
provision = "chef exec kitchen create"
|
22
|
-
deploy = "chef exec kitchen converge"
|
23
|
-
smoke = "chef exec kitchen verify"
|
24
|
-
# The functional phase is optional, you can define it by uncommenting
|
25
|
-
# the line below and running the command: `delivery local functional`
|
26
|
-
# functional = ""
|
27
|
-
cleanup = "chef exec kitchen destroy"
|
28
|
-
|
29
|
-
# Remote project.toml file
|
30
|
-
#
|
31
|
-
# Instead of the local phases above, you may specify a remote URI location for
|
32
|
-
# the `project.toml` file. This is useful for teams that wish to centrally
|
33
|
-
# manage the behavior of the `delivery local` command across many different
|
34
|
-
# projects.
|
35
|
-
#
|
36
|
-
# remote_file = "https://url/project.toml"
|