inspec-chef 0.3.2 → 0.3.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 29c070e9e924069b6c2f7418bdfd8164b0c69f9ae3ad7447928b3cdb99ca6e30
4
- data.tar.gz: 875794f04d148b86a41a401c481bc0fb53e6b398059668fc1d307820e4b285ff
3
+ metadata.gz: cf13aeb2415399d3c00d3bf0e03f64aa6d46161dbcaf028f7ce9d105476b46c8
4
+ data.tar.gz: 9e721f499a57caf6ba16babc18c4e638a269db8fa6aa25f03048a0b3ef4049be
5
5
  SHA512:
6
- metadata.gz: e87dee841335d6e05a96cdb2d74bd8a77b7b975d9a54f73a0eae94766cb7def48adc20291ea821d0b3d51096b9cb4b5ad1419d8105f9f253a784d22f06b42f02
7
- data.tar.gz: 47360a9eb493ddf659535f7f59b3810bd271a2ba49b3e84677e3cc4c6e936b7273eb764d211fc7d8d4ad6272cc2a027311f46c4690eb7aabd4cff03637a8fcd2
6
+ metadata.gz: 1edb515f0338855b9c6a3b266a70c808b48fcf01b12b0e88f750e4a530be9770a01fefea0c67ea4145f04836b93e5af6668dcfdad2f29f8ab0ca5f6b76cd299b
7
+ data.tar.gz: '087bcae728e94fd4d4ea1c9f0f2774fe04c82b093bd5ecc61ffed86c61f9aedd757ca892fbf20293ce72f35560389699ca546a50908b8edf42421d2ef1198e96'
data/README.md CHANGED
@@ -51,6 +51,11 @@ This plugin supports the following options:
51
51
  | INSPEC_CHEF_CLIENT | chef_api_client | The name of the client of the Chef server to connect as |
52
52
  | INSPEC_CHEF_KEY | chef_api_key | Path to the private certificate identifying the node |
53
53
 
54
+ Using this plugin with Windows instances is broken with `chef-api` versions up to 0.10.4 due
55
+ to a dependency issue within the deprecated `logify` gem. Versions starting with 0.10.5 use Chef's
56
+ native logging system and work on both Linux and Windows. Other versions will only work with Linux
57
+ instances.
58
+
54
59
  ## Configuration for TestKitchen
55
60
 
56
61
  To allow for more dev/prod parity, this input plugin detects if it is called
@@ -69,9 +74,8 @@ suites:
69
74
  install_flavor: "oracle"
70
75
  ```
71
76
 
72
- Please note, that support for `load_plugins` is not available on versions 1.3.1
73
- and below of the `kitchen-inspec` verifier plugin. Please check
74
- [kitchen-inspec PR #247 on GitHub](https://github.com/inspec/kitchen-inspec/pull/247) for finding official versions supporting this feature.
77
+ Please note, that support for `load_plugins` was introduced in version 1.3.2 of
78
+ the `kitchen-inspec` verifier plugin. Earlier versions are unable to load InSpec V2 plugins.
75
79
 
76
80
  ## Usage
77
81
 
@@ -130,3 +134,6 @@ is __not__ done on the clients tested, but the workstation executing InSpec.
130
134
  `ipaddress`, `hostname` or `fqdn` fields. One case would be IPv6 target
131
135
  nodes. Trying to resolve will result in error "Unable too lookup remote Chef
132
136
  client name"
137
+ - Using TestKitchen to run InSpec from a Chef cookbook on a remote machine will
138
+ fail. As InSpec is not invoked as a verifier from within Kitchen, but as a
139
+ standalone binary, it cannot access the passed kitchen attributes and databags.
@@ -1,5 +1,6 @@
1
1
  require "chef-api"
2
2
  require "jmespath"
3
+ require "json"
3
4
  require "resolv"
4
5
  require "uri"
5
6
 
@@ -31,8 +32,11 @@ module InspecPlugins
31
32
 
32
33
  # Fetch method used for Input plugins
33
34
  def fetch(_profile_name, input_uri)
35
+ logger.trace format("Inspec-Chef received query for input %<uri>s", uri: input_uri)
34
36
  return nil unless valid_plugin_input?(input_uri)
35
37
 
38
+ logger.debug format("Inspec-Chef input schema detected")
39
+
36
40
  connect_to_chef_server
37
41
 
38
42
  input = parse_input(input_uri)
@@ -40,15 +44,18 @@ module InspecPlugins
40
44
  data = get_databag_item(input[:object], input[:item])
41
45
  elsif input[:type] == :node && input[:item] == "attributes"
42
46
  # Search Chef node name, if no host given explicitly
43
- input[:object] = get_clientname(scan_target) unless input[:object]
47
+ input[:object] = get_clientname(scan_target) unless input[:object] || inside_testkitchen?
44
48
 
45
49
  data = get_attributes(input[:object])
46
50
  end
47
51
 
48
- result = JMESPath.search(input[:query].join("."), data)
52
+ # Quote components to allow "-" as part of search query.
53
+ # @see https://github.com/jmespath/jmespath.rb/issues/12
54
+ expression = input[:query].map { |component| '"' + component + '"' }.join(".")
55
+ result = JMESPath.search(expression, data)
49
56
  raise format("Could not resolve value for %s, check if databag/item or attribute exist", input_uri) unless result
50
57
 
51
- result
58
+ stringify(result)
52
59
  end
53
60
 
54
61
  private
@@ -101,6 +108,11 @@ module InspecPlugins
101
108
  }
102
109
  end
103
110
 
111
+ # Deeply stringify keys of Array/Hash
112
+ def stringify(result)
113
+ JSON.parse(JSON.dump(result))
114
+ end
115
+
104
116
  # ========================================================================
105
117
  # Interfacing with Inspec and Chef
106
118
 
@@ -5,6 +5,6 @@
5
5
  # to learn the current version.
6
6
  module InspecPlugins
7
7
  module Chef
8
- VERSION = "0.3.2".freeze
8
+ VERSION = "0.3.3".freeze
9
9
  end
10
10
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-chef
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.2
4
+ version: 0.3.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Heinen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-01-24 00:00:00.000000000 Z
11
+ date: 2020-04-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: chef-api