chef 16.8.9-universal-mingw32 → 16.8.14-universal-mingw32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/chef/compliance/reporter/chef_server_automate.rb +2 -0
- data/lib/chef/compliance/runner.rb +42 -31
- data/lib/chef/knife/ssh.rb +2 -0
- data/lib/chef/version.rb +1 -1
- data/spec/unit/compliance/runner_spec.rb +27 -0
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a402ad1804c5598430fc8d710c1c595fd9bbaf12c402d6cf292c7116b3fea2a5
|
4
|
+
data.tar.gz: 53feecbd87fd2523bf12ed8c0b6665026edf1aba53bfa9fbd671f662a97e220c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ce2334263a8401db42070c380242d07340a34a93ae79a0c0d614bea8725f71541e73ccfd4254e711f71826f02dc7172ede575d9e353b8e31927631fbe4edd98d
|
7
|
+
data.tar.gz: 5f6ec68ae4267b02140264890af0b777459e5e2536c4991c651726fe62db097017710dc0597017b9a3d5f27944a762d96171a69d9d5c1d3250c05fbf98c3ade5
|
@@ -178,6 +178,8 @@ class Chef
|
|
178
178
|
|
179
179
|
# extracts relevant node data
|
180
180
|
def node_info
|
181
|
+
chef_server_uri = URI(Chef::Config[:chef_server_url])
|
182
|
+
|
181
183
|
runlist_roles = node.run_list.select { |item| item.type == :role }.map(&:name)
|
182
184
|
runlist_recipes = node.run_list.select { |item| item.type == :recipe }.map(&:name)
|
183
185
|
{
|
@@ -199,52 +201,61 @@ class Chef
|
|
199
201
|
}
|
200
202
|
end
|
201
203
|
|
202
|
-
def send_report(
|
203
|
-
logger.info "Reporting to #{
|
204
|
+
def send_report(reporter_type, report)
|
205
|
+
logger.info "Reporting to #{reporter_type}"
|
206
|
+
|
207
|
+
reporter = reporter(reporter_type)
|
204
208
|
|
205
|
-
|
206
|
-
|
207
|
-
control_results_limit = node["audit"]["control_results_limit"]
|
209
|
+
reporter.send_report(report) if reporter
|
210
|
+
end
|
208
211
|
|
209
|
-
|
212
|
+
def reporter(reporter_type)
|
213
|
+
case reporter_type
|
210
214
|
when "chef-automate"
|
211
215
|
opts = {
|
216
|
+
control_results_limit: node["audit"]["control_results_limit"],
|
212
217
|
entity_uuid: node["chef_guid"],
|
213
|
-
|
218
|
+
insecure: node["audit"]["insecure"],
|
214
219
|
node_info: node_info,
|
215
|
-
|
216
|
-
run_time_limit: run_time_limit,
|
217
|
-
control_results_limit: control_results_limit,
|
220
|
+
run_id: run_id,
|
221
|
+
run_time_limit: node["audit"]["run_time_limit"],
|
218
222
|
}
|
219
|
-
Chef::Compliance::Reporter::Automate.new(opts)
|
223
|
+
Chef::Compliance::Reporter::Automate.new(opts)
|
220
224
|
when "chef-server-automate"
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
run_time_limit: run_time_limit,
|
232
|
-
control_results_limit: control_results_limit,
|
233
|
-
}
|
234
|
-
Chef::Compliance::Reporter::ChefServer.new(opts).send_report(report)
|
235
|
-
else
|
236
|
-
logger.warn "Unable to determine #{ChefUtils::Dist::Server::PRODUCT} url required by #{Inspec::Dist::PRODUCT_NAME} report collector '#{reporter}'. Skipping..."
|
237
|
-
end
|
225
|
+
opts = {
|
226
|
+
control_results_limit: node["audit"]["control_results_limit"],
|
227
|
+
entity_uuid: node["chef_guid"],
|
228
|
+
insecure: node["audit"]["insecure"],
|
229
|
+
node_info: node_info,
|
230
|
+
run_id: run_id,
|
231
|
+
run_time_limit: node["audit"]["run_time_limit"],
|
232
|
+
url: chef_server_automate_url,
|
233
|
+
}
|
234
|
+
Chef::Compliance::Reporter::ChefServerAutomate.new(opts)
|
238
235
|
when "json-file"
|
239
236
|
path = node["audit"]["json_file"]["location"]
|
240
237
|
logger.info "Writing compliance report to #{path}"
|
241
|
-
Chef::Compliance::Reporter::JsonFile.new(file: path)
|
238
|
+
Chef::Compliance::Reporter::JsonFile.new(file: path)
|
242
239
|
when "audit-enforcer"
|
243
|
-
Chef::Compliance::Reporter::ComplianceEnforcer.new
|
240
|
+
Chef::Compliance::Reporter::ComplianceEnforcer.new
|
244
241
|
else
|
245
|
-
|
242
|
+
raise "'#{reporter_type}' is not a supported reporter for Compliance Phase."
|
246
243
|
end
|
247
244
|
end
|
245
|
+
|
246
|
+
def chef_server_automate_url
|
247
|
+
url = if node["audit"]["server"]
|
248
|
+
URI(node["audit"]["server"])
|
249
|
+
else
|
250
|
+
URI(Chef::Config[:chef_server_url]).tap do |u|
|
251
|
+
u.path = ""
|
252
|
+
end
|
253
|
+
end
|
254
|
+
|
255
|
+
org = Chef::Config[:chef_server_url].split("/").last
|
256
|
+
url.path = File.join(url.path, "organizations/#{org}/data-collector")
|
257
|
+
url
|
258
|
+
end
|
248
259
|
end
|
249
260
|
end
|
250
261
|
end
|
data/lib/chef/knife/ssh.rb
CHANGED
data/lib/chef/version.rb
CHANGED
@@ -110,4 +110,31 @@ describe Chef::Compliance::Runner do
|
|
110
110
|
runner.warn_for_deprecated_config_values!
|
111
111
|
end
|
112
112
|
end
|
113
|
+
|
114
|
+
describe "#reporter" do
|
115
|
+
context "chef-server-automate reporter" do
|
116
|
+
it "uses the correct URL when 'server' attribute is set" do
|
117
|
+
Chef::Config[:chef_server_url] = "https://chef_config_url.example.com/my_org"
|
118
|
+
node.normal["audit"]["server"] = "https://server_attribute_url.example.com/application/sub_application"
|
119
|
+
|
120
|
+
reporter = runner.reporter("chef-server-automate")
|
121
|
+
|
122
|
+
expect(reporter).to be_kind_of(Chef::Compliance::Reporter::ChefServerAutomate)
|
123
|
+
expect(reporter.url).to eq(URI("https://server_attribute_url.example.com/application/sub_application/organizations/my_org/data-collector"))
|
124
|
+
end
|
125
|
+
|
126
|
+
it "falls back to chef_server_url for URL when 'server' attribute is not set" do
|
127
|
+
Chef::Config[:chef_server_url] = "https://chef_config_url.example.com/my_org"
|
128
|
+
|
129
|
+
reporter = runner.reporter("chef-server-automate")
|
130
|
+
|
131
|
+
expect(reporter).to be_kind_of(Chef::Compliance::Reporter::ChefServerAutomate)
|
132
|
+
expect(reporter.url).to eq(URI("https://chef_config_url.example.com/organizations/my_org/data-collector"))
|
133
|
+
end
|
134
|
+
end
|
135
|
+
|
136
|
+
it "fails with unexpected reporter value" do
|
137
|
+
expect { runner.reporter("tacos") }.to raise_error(/'tacos' is not a supported reporter for Compliance Phase/)
|
138
|
+
end
|
139
|
+
end
|
113
140
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chef
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 16.8.
|
4
|
+
version: 16.8.14
|
5
5
|
platform: universal-mingw32
|
6
6
|
authors:
|
7
7
|
- Adam Jacob
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-12-
|
11
|
+
date: 2020-12-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: chef-config
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 16.8.
|
19
|
+
version: 16.8.14
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 16.8.
|
26
|
+
version: 16.8.14
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: chef-utils
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - '='
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 16.8.
|
33
|
+
version: 16.8.14
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - '='
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 16.8.
|
40
|
+
version: 16.8.14
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: train-core
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|