cps-property-generator 0.2.16 → 0.3.0

data/lib/linter/globals_linter.rb

@@ -1,27 +1,32 @@
 require_relative '../helpers/helpers'
+
 module PropertyGenerator
   require 'yaml'
+  require 'pathname'
   class GlobalsLinter
+    TESTS = [
+      'globals_load_as_hashes',
+      'globals_are_defined_for_valid_environemnts'
+    ].freeze
 
-    def initialize(path, configs)
+    def initialize(path, configs, ignored_tests)
       @configs = configs
       @globals = {}
+      @ignored_tests = ignored_tests
       valid_paths = PropertyGenerator.valid_paths(path)
       valid_paths.each do |file_path|
-          @globals[file_path] = YAML.load_file(file_path)
+        @globals[file_path] = YAML.load_file(file_path)
       end
     end
 
     def run_globals_tests
-      tests = ['globals_load_as_hashes',
-               'globals_are_defined_for_valid_environemnts',
-               ]
-      results = PropertyGenerator.test_runner(self, tests)
-      results
+      tests = TESTS - @ignored_tests
+
+      PropertyGenerator.test_runner(self, tests)
     end
 
     def globals_load_as_hashes
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       non_hash_globals = []
       @globals.each do |path, loaded|
         if loaded.class != Hash
@@ -36,13 +41,13 @@ module PropertyGenerator
     end
 
     def globals_have_no_hashes_as_values
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       globals_with_hash_props = []
       @globals.each do |path, loaded|
         if loaded.class == Hash
           loaded.each do |key, value|
             if value.class == Hash
-              globals_with_hash_props << {path => key}
+              globals_with_hash_props << { path => key }
             end
           end
         end
@@ -55,30 +60,30 @@ module PropertyGenerator
     end
 
     def globals_are_defined_for_valid_environemnts
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       ignore_list = ['globals.yml']
-      globals_with_invalid_environments = []
-      accounts = []
-      if @configs['accounts'] != nil
-        @configs['accounts'].each do |account|
-          accounts << account.to_s
-        end
-        @globals.each do |path, loaded|
-          unless @configs['environments'].include?((path.split('/')[(path.split('/')).length - 1]).split('.')[0]) || accounts.include?((path.split('/')[(path.split('/')).length - 1]).split('.')[0])
-            globals_with_invalid_environments << path unless ignore_list.include?(path.split('/')[(path.split('/')).length - 1])
-          end
-        end
-        if globals_with_invalid_environments != []
-          status[:status] = 'warn'
-          status[:error] = "Files #{globals_with_invalid_environments} do not have names matching a declared environment."
-        end
-      else
+
+      if @configs['accounts'].nil?
         status[:status] = 'warn'
-        status[:error] = "Accounts list in config file is missing."
+        status[:error] = 'Accounts list in config file is missing.'
+        return status
+      end
+
+      accounts = @configs['accounts'].map(&:to_s)
+      globals_with_invalid_environments = @globals.keys.select do |path|
+        p = Pathname.new(path)
+        filename = p.basename(File.extname(path)).to_s
+        next if ignore_list.include?(p.basename.to_s)
+
+        !(@configs['environments'].include?(filename) || accounts.include?(filename))
       end
-      status
-    end
 
+      unless globals_with_invalid_environments.empty?
+        status[:status] = 'warn'
+        status[:error] = "Files #{globals_with_invalid_environments} do not have names matching a declared environment."
+      end
 
+      status
+    end
   end
 end

data/lib/linter/linter.rb

@@ -1,17 +1,32 @@
 module PropertyGenerator
-  require_relative 'config_linter.rb'
-  require_relative 'globals_linter.rb'
-  require_relative 'services_linter.rb'
-  require_relative 'report.rb'
+  require_relative 'config_linter'
+  require_relative 'globals_linter'
+  require_relative 'services_linter'
+  require_relative 'report'
   class Linter
+    attr_accessor :ignored_tests, :services_linter, :globals_linter, :config_linter, :report
 
     def initialize(path)
-      ignore_list = ['README.md']
+      ignore_list = %w[README.md .cpsignore]
       invalid_paths = PropertyGenerator.invalid_paths(path, ignore_list)
-      @config_linter = PropertyGenerator::ConfigLinter.new(path+"/config/config.yml")
-      @globals_linter = PropertyGenerator::GlobalsLinter.new(path+"/globals/", @config_linter.configs)
-      @services_linter = PropertyGenerator::ServicesLinter.new(path+"/services/", @config_linter.configs)
-      @report = PropertyGenerator::Report.new(invalid_paths)
+      begin
+        @ignored_tests = YAML.load_file("#{path}/.cpsignore")
+      rescue StandardError
+        @ignored_tests = {}
+      end
+      @config_linter = PropertyGenerator::ConfigLinter.new("#{path}/config/config.yml", @ignored_tests['config'] || [])
+      @globals_linter = PropertyGenerator::GlobalsLinter.new("#{path}/globals/", @config_linter.configs, @ignored_tests['globals'] || [])
+      @services_linter = PropertyGenerator::ServicesLinter.new("#{path}/services/", @config_linter.configs, @ignored_tests['services'] || [])
+
+      unless @ignored_tests['display_skipped_tests'].nil?
+        if @ignored_tests['display_skipped_tests']
+          @ignored_tests.delete('display_skipped_tests')
+        else
+          @ignored_tests = []
+        end
+      end
+
+      @report = PropertyGenerator::Report.new(invalid_paths, @ignored_tests)
     end
 
     def run_tests
@@ -34,6 +49,5 @@ module PropertyGenerator
     def display_report
       @report.display_report
     end
-
   end
 end

data/lib/linter/report.rb

@@ -2,9 +2,10 @@ module PropertyGenerator
   require 'terminal-table'
 
   class Report
-    def initialize(files_failing_load)
+    def initialize(files_failing_load, ignored_tests)
       @files_failing_load = files_failing_load
       @full_report = {}
+      @ignored_tests = ignored_tests
     end
 
     def add_report(report)
@@ -12,12 +13,16 @@ module PropertyGenerator
     end
 
     def display_report
-      if @files_failing_load != []
-        make_failing_to_load_table
+      unless @files_failing_load.empty?
+        puts make_failing_to_load_table
+        puts '*****************'
+        puts "Check for property values that start with an interpolated value \nIf the first character of the value is a bracket yaml will fail to load \nPlace the value in quotes"
+        puts '*****************'
       end
-      make_pass_table
-      make_warn_table
-      make_fail_table
+      puts make_skip_table
+      puts make_pass_table
+      puts make_warn_table
+      puts make_fail_table
     end
 
     def has_a_test_failed
@@ -39,45 +44,43 @@ module PropertyGenerator
       @files_failing_load.each do |failed|
         rows << [failed]
       end
-      table = Terminal::Table.new :headings => ['Files'], :title => 'Files Failing to Load', :rows => rows, :style => {:width => 200}
-      puts table
-      puts "*****************"
-      puts "Check for property values that start with an interpolated value \nIf the first character of the value is a bracket yaml will fail to load \nPlace the value in quotes"
-      puts "*****************"
+      Terminal::Table.new :headings => ['Files'], :title => 'Files Failing to Load', :rows => rows, :style => { :width => 200 }
+    end
+
+    def make_skip_table
+      return if @ignored_tests.empty?
+
+      Terminal::Table.new(headings: ['Test'], title: 'Skipped Tests', rows: @ignored_tests.values, style: { width: 200 })
     end
 
     def make_pass_table
       rows = []
-      @full_report.each do |test,status|
+      @full_report.each do |test, status|
         if status[:status] == 'pass'
           rows << [test.gsub('_', ' ')]
         end
       end
-      table = Terminal::Table.new :headings => ['Test'], :title => 'Passing Tests', :rows => rows, :style => {:width => 200}
-      puts table
+      Terminal::Table.new(headings: ['Test'], title: 'Passing Tests', rows: rows, style: { width: 200 })
     end
 
     def make_warn_table
       rows = []
-      @full_report.each do |test,status|
+      @full_report.each do |test, status|
         if status[:status] == 'warn'
           rows << [test.gsub('_', ' '), status[:error].scan(/.{1,90}/).join("\n")]
         end
       end
-      table = Terminal::Table.new :headings => ['Test', 'Error'], :title => 'Warning Tests', :rows => rows, :style => {:width => 200}
-      puts table
+      Terminal::Table.new(headings: ['Test', 'Error'], title: 'Warning Tests', rows: rows, style: { width: 200 })
     end
 
     def make_fail_table
       rows = []
-      @full_report.each do |test,status|
+      @full_report.each do |test, status|
         if status[:status] == 'fail'
           rows << [test.gsub('_', ' '), status[:error].scan(/.{1,90}/).join("\n")]
         end
       end
-      table = Terminal::Table.new :headings => ['Test', 'Error'], :title => 'Failing Tests', :rows => rows, :style => {:width => 200}
-      puts table
+      Terminal::Table.new(headings: ['Test', 'Error'], title: 'Failing Tests', rows: rows, style: { width: 200 })
     end
-
   end
 end

data/lib/linter/services_linter.rb

@@ -2,10 +2,19 @@ require_relative '../helpers/helpers'
 module PropertyGenerator
   require 'yaml'
   class ServicesLinter
+    TESTS = [
+      'services_have_accepted_keys',
+      'service_environments_are_not_empty',
+      'service_environments_match_config_environments',
+      'service_encrypted_environments_match_config_environments',
+      'service_encrypted_fields_are_correct',
+      'service_encrypted_region_field_is_accepted'
+    ].freeze
 
-    def initialize(path, configs)
+    def initialize(path, configs, ignored_tests)
       @configs = configs
       @services = {}
+      @ignored_tests = ignored_tests
       valid_paths = PropertyGenerator.valid_paths(path)
       valid_paths.each do |file_path|
         @services[file_path] = YAML.load_file(file_path)
@@ -13,28 +22,19 @@ module PropertyGenerator
     end
 
     def run_services_tests
-      tests = [
-        'services_have_accepted_keys',
-        'service_environments_are_not_empty',
-        'service_defaults_have_no_hashes_as_values',
-        'service_environments_match_config_environments',
-        'service_environments_have_no_hashes_as_values',
-        'service_encrypted_environments_match_config_environments',
-        'service_encrypted_fields_are_correct',
-        'service_encrypted_region_field_is_accepted'
-      ]
-      results = PropertyGenerator.test_runner(self, tests)
-      results
+      tests = TESTS - @ignored_tests
+
+      PropertyGenerator.test_runner(self, tests)
     end
 
     def service_environments_are_not_empty
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       services_empty_environments = []
       @services.each do |path, loaded|
-        unless loaded['environments'] == nil
+        unless loaded['environments'].nil?
           loaded['environments'].each do |environments, properties|
-            if properties == nil
-              services_empty_environments << {path => environments}
+            if properties.nil?
+              services_empty_environments << { path => environments }
             end
           end
         end
@@ -47,13 +47,13 @@ module PropertyGenerator
     end
 
     def services_have_accepted_keys
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       accepted_keys = ['default', 'environments', 'encrypted', 'configname', 'stringdata', 'configlabels', 'secretlabels', 'label']
       services_with_unacceptable_keys = []
       @services.each do |path, loaded|
         loaded.keys.each do |service_key|
           unless accepted_keys.include?(service_key)
-            services_with_unacceptable_keys << {path => service_key}
+            services_with_unacceptable_keys << { path => service_key }
           end
         end
       end
@@ -64,38 +64,19 @@ module PropertyGenerator
       status
     end
 
-    def service_defaults_have_no_hashes_as_values
-      status = {status: 'pass', error: ''}
-      services_with_hashes_in_defaults = []
-      @services.each do |path, loaded|
-        unless loaded['default'] == nil
-          loaded['default'].each do |defaultkey, defaultvalue|
-            if defaultvalue.class == Hash
-              services_with_hashes_in_defaults << {path => defaultkey}
-            end
-          end
-        end
-      end
-      if services_with_hashes_in_defaults != []
-        status[:status] = 'fail'
-        status[:error] = "Service files: #{services_with_hashes_in_defaults} have default properties with values as hashes."
-      end
-      status
-    end
-
     def service_environments_match_config_environments
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       missmatched_environments = []
       @services.each do |path, loaded|
-        if loaded['environments'] != nil
-          loaded['environments'].keys.each do |environment|
-            if @configs['environments'] != nil
-              unless @configs['environments'].include?(environment)
-                missmatched_environments << {path => environment}
-              end
-            else
-              status[:status] = 'warn'
-              status[:error] = "Environments list in config file is missing."
+        next if loaded['environments'].nil?
+
+        loaded['environments'].keys.each do |environment|
+          if @configs['environments'].nil?
+            status[:status] = 'warn'
+            status[:error] = 'Environments list in config file is missing.'
+          else
+            unless @configs['environments'].include?(environment)
+              missmatched_environments << { path => environment }
             end
           end
         end
@@ -107,42 +88,19 @@ module PropertyGenerator
       status
     end
 
-    def service_environments_have_no_hashes_as_values
-      status = {status: 'pass', error: ''}
-      services_with_hashes_in_environments = []
-      @services.each do |path, loaded|
-        unless loaded['environments'] == nil
-          loaded['environments'].each do |environments, properties|
-            unless properties == nil
-              properties.each do |key, value|
-                if value.class == Hash
-                  services_with_hashes_in_environments << {path => {environments => key}}
-                end
-              end
-            end
-          end
-        end
-      end
-      if services_with_hashes_in_environments != []
-        status[:status] = 'fail'
-        status[:error] = "Service files #{services_with_hashes_in_environments} have environment properties with values as hashes."
-      end
-      status
-    end
-
     def service_encrypted_environments_match_config_environments
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       missmatched_environments = []
       @services.each do |path, loaded|
-        if loaded['encrypted'] != nil
-          loaded['encrypted'].keys.each do |environment|
-            if @configs['environments'] != nil
-              unless @configs['environments'].include?(environment)
-                missmatched_environments << {path => environment}
-              end
-            else
-              status[:status] = 'warn'
-              status[:error] = "Environments list in config file is missing."
+        next if loaded['encrypted'].nil?
+
+        loaded['encrypted'].keys.each do |environment|
+          if @configs['environments'].nil?
+            status[:status] = 'warn'
+            status[:error] = 'Environments list in config file is missing.'
+          else
+            unless @configs['environments'].include?(environment)
+              missmatched_environments << { path => environment }
             end
           end
         end
@@ -154,66 +112,103 @@ module PropertyGenerator
       status
     end
 
+    def recursive_find_keys(obj, key)
+      if obj.respond_to?(:key?) && obj.key?(key)
+        obj[key]
+      elsif obj.is_a?(Hash) or obj.is_a?(Array)
+        r = nil
+        obj.find{ |*a| r = recursive_find_keys(a.last,key) }
+        r
+      end
+    end
+
     def service_encrypted_fields_are_correct
-      status = {status: 'pass', error: ''}
-      accepted_keys = ['region', 'encrypted', 'service']
+      status = { status: 'pass', error: '' }
+      accepted_keys = ['region', 'encrypted', 'service', 'label']
       services_with_unacceptable_keys = []
       @services.each do |path, loaded|
-        if loaded['encrypted'] != nil
-          loaded['encrypted'].each do |environment, properties|
-            properties.each do |property, value|
-              if value == nil
-                services_with_unacceptable_keys << {path => {environment => property}}
-              elsif value['$ssm'] == nil
-                services_with_unacceptable_keys << {path => {environment => property}}
-              else
-                if value['$ssm'] != nil
-                  value['$ssm'].keys.each do |key|
-                    unless accepted_keys.include?(key)
-                      services_with_unacceptable_keys << {path => {environment => property}}
-                    end
-                  end
+        next if loaded['encrypted'].nil?
+
+        loaded['encrypted'].each do |environment, properties|
+          properties.each do |property, value|
+            if value.nil?
+              services_with_unacceptable_keys << { path => { environment => property } }
+              next
+            end
+
+            s = recursive_find_keys(value, '$ssm')
+            k = recursive_find_keys(value, '$kms')
+            if s.nil? && k.nil?
+              services_with_unacceptable_keys << { path => { environment => property } }
+              next
+            end
+
+            unless s.nil?
+              s.keys.each do |key|
+                unless accepted_keys.include?(key)
+                  services_with_unacceptable_keys << { path => { environment => property } }
+                  next
                 end
               end
             end
+
+            unless k.nil?
+              if (k.keys & ['region', 'encrypted']).count != 2
+                services_with_unacceptable_keys << { path => { environment => property } }
+              end
+            end
           end
         end
       end
-      if services_with_unacceptable_keys != []
+      unless services_with_unacceptable_keys.empty?
         status[:status] = 'fail'
-        status[:error] = "Service files: #{services_with_unacceptable_keys} have encrypted properties with bad indentation or keys other than 'region' and 'encrypted'."
+        status[:error] = "Service files: #{services_with_unacceptable_keys} has an encrypted block without " +
+          "properties, encrypted properties without $kms or $ssm blocks, or encrypted blocks with either bad " +
+          "indentation or incorrect keys."
       end
       status
     end
 
     def service_encrypted_region_field_is_accepted
-      status = {status: 'pass', error: ''}
+      status = { status: 'pass', error: '' }
       services_with_unacceptable_keys = []
       @services.each do |path, loaded|
-        if loaded['encrypted'] != nil
-          loaded['encrypted'].each do |environment, property|
-            if loaded['encrypted'][environment][property] != nil
-              loaded['encrypted'][environment][property].each do |ssm, keys|
-                if @configs['environments'] != nil
-                  unless @configs['environments'].include?(loaded['encrypted'][environment][property]['$ssm'][keys]['region'])
-                    services_with_unacceptable_keys << {path => {environment => property}}
-                  end
-                else
-                  status[:status] = 'warn'
-                  status[:error] = "Environments list in config file is missing."
-                end
+        next if loaded['encrypted'].nil?
+
+        loaded['encrypted'].each do |environment, properties|
+          if loaded['encrypted'][environment].nil?
+            status[:status] = 'error'
+            status[:error] = 'Encrypted properties are missing from the encrypted environment'
+            return status
+          end
+
+          encrypted_env = loaded['encrypted'][environment]
+
+          # next if encrypted_env[property].nil?
+
+          encrypted_env.each do |property, encrypted_values|
+            if @configs['environments'].nil?
+              status[:status] = 'warn'
+              status[:error] = 'Environments list in config file is missing.'
+              break
+            end
+
+            %w[$ssm $kms].each do |encryption_type|
+              values = recursive_find_keys(encrypted_values, encryption_type)
+              next if values.nil?
+
+              unless @configs['environments'].include?(values['region'])
+                services_with_unacceptable_keys << { path => { environment => property } }
               end
             end
           end
         end
       end
-      if services_with_unacceptable_keys != []
+      if !services_with_unacceptable_keys.empty? && status[:status] == 'pass'
         status[:status] = 'warn'
         status[:error] = "Service files: #{services_with_unacceptable_keys} have encrypted properties a region field not matching a declared environment in the configs."
       end
       status
     end
-
-
   end
 end