inspec-core 4.3.2 → 4.6.3

data/lib/plugins/inspec-compliance/lib/inspec-compliance/target.rb

@@ -1,8 +1,7 @@
-# encoding: utf-8
-
-require 'uri'
-require 'inspec/fetcher'
-require 'inspec/errors'
+require "uri"
+require "inspec/fetcher"
+require "inspec/errors"
+require "inspec/dist"
 
 # InSpec Target Helper for Chef Compliance
 # reuses UrlHelper, but it knows the target server and the access token already
@@ -10,13 +9,15 @@ require 'inspec/errors'
 module InspecPlugins
   module Compliance
     class Fetcher < Fetchers::Url
-      name 'compliance'
+      include Inspec::Dist
+
+      name "compliance"
       priority 500
       attr_reader :upstream_sha256
 
       def initialize(target, opts)
         super(target, opts)
-        @upstream_sha256 = ''
+        @upstream_sha256 = ""
         if target.is_a?(Hash) && target.key?(:url)
           @target = target[:url]
           @upstream_sha256 = target[:sha256]
@@ -30,16 +31,16 @@ module InspecPlugins
       end
 
       def self.check_compliance_token(uri, config)
-        if config['token'].nil? && config['refresh_token'].nil?
-          if config['server_type'] == 'automate'
-            server = 'automate'
-            msg = 'inspec compliance login https://your_automate_server --user USER --ent ENT --dctoken DCTOKEN or --token USERTOKEN'
-          elsif config['server_type'] == 'automate2'
-            server = 'automate2'
-            msg = 'inspec compliance login https://your_automate2_server --user USER --token APITOKEN'
+        if config["token"].nil? && config["refresh_token"].nil?
+          if config["server_type"] == "automate"
+            server = "automate"
+            msg = "#{EXEC_NAME} compliance login https://your_automate_server --user USER --ent ENT --dctoken DCTOKEN or --token USERTOKEN"
+          elsif config["server_type"] == "automate2"
+            server = "automate2"
+            msg = "#{EXEC_NAME} compliance login https://your_automate2_server --user USER --token APITOKEN"
           else
-            server = 'compliance'
-            msg = "inspec compliance login https://your_compliance_server --user admin --insecure --token 'PASTE TOKEN HERE' "
+            server = "compliance"
+            msg = "#{EXEC_NAME} compliance login https://your_compliance_server --user admin --insecure --token 'PASTE TOKEN HERE' "
           end
           raise Inspec::FetcherFailure, <<~EOF
 
@@ -54,7 +55,7 @@ module InspecPlugins
       end
 
       def self.get_target_uri(target)
-        if target.is_a?(String) && URI(target).scheme == 'compliance'
+        if target.is_a?(String) && URI(target).scheme == "compliance"
           URI(target)
         elsif target.respond_to?(:key?) && target.key?(:compliance)
           URI("compliance://#{target[:compliance]}")
@@ -84,16 +85,16 @@ module InspecPlugins
             # If version was specified, it will be the first and only result.
             # Note we are calling the sha256 as a string, not a symbol since
             # it was returned as json from the Compliance API.
-            profile_info = profile_result.sort_by { |x| Gem::Version.new(x['version']) }[0]
-            profile_checksum = profile_info.key?('sha256') ? profile_info['sha256'] : ''
+            profile_info = profile_result.sort_by { |x| Gem::Version.new(x["version"]) }[0]
+            profile_checksum = profile_info.key?("sha256") ? profile_info["sha256"] : ""
           end
         end
         # We need to pass the token to the fetcher
-        config['token'] = InspecPlugins::Compliance::API.get_token(config)
+        config["token"] = InspecPlugins::Compliance::API.get_token(config)
 
         # Needed for automate2 post request
         profile_stub = profile || target[:compliance]
-        config['profile'] = InspecPlugins::Compliance::API.profile_split(profile_stub)
+        config["profile"] = InspecPlugins::Compliance::API.profile_split(profile_stub)
 
         new({ url: profile_fetch_url, sha256: profile_checksum }, config)
       rescue URI::Error => _e
@@ -111,7 +112,7 @@ module InspecPlugins
       end
 
       def to_s
-        'Chef Compliance Profile Loader'
+        "#{COMPLIANCE_PRODUCT_NAME} Profile Loader"
       end
 
       private
@@ -128,13 +129,15 @@ module InspecPlugins
 
         if InspecPlugins::Compliance::API.is_automate2_server?(@config)
           m = {}
-          m[:owner] = @config['profile'][0]
-          m[:id] = @config['profile'][1]
+          m[:owner] = @config["profile"][0]
+          m[:id] = @config["profile"][1]
         end
 
-        raise 'Unable to determine compliance profile name. This can be caused by ' \
-          'an incorrect server in your configuration. Try to login to compliance ' \
-          'via the `inspec compliance login` command.' if m.nil?
+        if m.nil?
+          raise "Unable to determine compliance profile name. This can be caused by " \
+            "an incorrect server in your configuration. Try to login to compliance " \
+            "via the `#{EXEC_NAME} compliance login` command."
+        end
 
         "#{m[:owner]}/#{m[:id]}"
       end

data/lib/plugins/inspec-habitat/Berksfile

@@ -1,5 +1,5 @@
-source 'https://supermarket.chef.io'
+source "https://supermarket.chef.io"
 
 group :integration do
-  cookbook 'inspec_habitat_fixture', path: 'test/cookbooks/inspec_habitat_fixture/'
+  cookbook "inspec_habitat_fixture", path: "test/cookbooks/inspec_habitat_fixture/"
 end

data/lib/plugins/inspec-habitat/lib/inspec-habitat.rb

@@ -3,7 +3,7 @@ module InspecPlugins
     class Plugin < Inspec.plugin(2)
       plugin_name :'inspec-habitat'
       cli_command :habitat do
-        require_relative 'inspec-habitat/cli'
+        require_relative "inspec-habitat/cli"
         InspecPlugins::Habitat::CLI
       end
     end

data/lib/plugins/inspec-habitat/lib/inspec-habitat/cli.rb

@@ -1,5 +1,5 @@
-# encoding: utf-8
-require_relative 'profile'
+require_relative "profile"
+require "inspec/dist"
 
 module InspecPlugins
   module Habitat
@@ -10,30 +10,32 @@ module InspecPlugins
         "#{basename} habitat profile #{command.usage}"
       end
 
-      desc 'create PATH', 'Create a Habitat artifact for the profile found at PATH'
+      desc "create PATH", "Create a Habitat artifact for the profile found at PATH"
       option :output_dir, type: :string, required: false,
-        desc: 'Output directory for the Habitat artifact. Default: current directory'
-      def create(path = '.')
+        desc: "Output directory for the Habitat artifact. Default: current directory"
+      def create(path = ".")
         InspecPlugins::Habitat::Profile.new(path, options).create
       end
 
-      desc 'setup PATH', 'Configure the profile at PATH for Habitat, including a plan and hooks'
-      def setup(path = '.')
+      desc "setup PATH", "Configure the profile at PATH for Habitat, including a plan and hooks"
+      def setup(path = ".")
         InspecPlugins::Habitat::Profile.new(path, options).setup
       end
 
-      desc 'upload PATH', 'Create then upload a Habitat artifact for the profile found at PATH to the Habitat Builder Depot'
-      def upload(path = '.')
+      desc "upload PATH", "Create then upload a Habitat artifact for the profile found at PATH to the Habitat Builder Depot"
+      def upload(path = ".")
         InspecPlugins::Habitat::Profile.new(path, options).upload
       end
     end
 
     class CLI < Inspec.plugin(2, :cli_command)
-      subcommand_desc 'habitat SUBCOMMAND', 'Manage Habitat with InSpec'
-      namespace 'habitat'
+      include Inspec::Dist
 
-      desc 'profile', 'Manage InSpec profiles as Habitat artifacts'
-      subcommand 'profile', ProfileCLI
+      subcommand_desc "habitat SUBCOMMAND", "Manage Habitat with #{PRODUCT_NAME}"
+      namespace "habitat"
+
+      desc "profile", "Manage #{PRODUCT_NAME} profiles as Habitat artifacts"
+      subcommand "profile", ProfileCLI
     end
   end
 end

data/lib/plugins/inspec-habitat/lib/inspec-habitat/profile.rb

@@ -1,19 +1,20 @@
-# encoding: utf-8
-
-require 'inspec/profile_vendor'
-require 'mixlib/shellout'
-require 'tomlrb'
-require 'ostruct'
+require "inspec/profile_vendor"
+require "mixlib/shellout"
+require "tomlrb"
+require "ostruct"
+require "inspec/dist"
 
 module InspecPlugins
   module Habitat
     class Profile
+      include Inspec::Dist
+
       attr_reader :logger
       def initialize(path, options = {})
         @path    = path
         @options = options
         @logger  = Inspec::Log
-        logger.level(options.fetch(:log_level, 'info').to_sym)
+        logger.level(options.fetch(:log_level, "info").to_sym)
       end
 
       def create
@@ -28,7 +29,7 @@ module InspecPlugins
         output_dir = @options[:output_dir] || Dir.pwd
         unless File.directory?(output_dir)
           exit_with_error("Output directory #{output_dir} is not a directory " \
-                          'or does not exist.')
+                          "or does not exist.")
         end
 
         duplicated_profile = duplicate_profile(@path, working_dir)
@@ -44,7 +45,7 @@ module InspecPlugins
         destination
       rescue => e
         logger.debug(e.backtrace.join("\n"))
-        exit_with_error('Unable to create Habitat artifact.')
+        exit_with_error("Unable to create Habitat artifact.")
       ensure
         if Dir.exist?(working_dir)
           logger.debug("Deleting working directory #{working_dir}")
@@ -56,34 +57,34 @@ module InspecPlugins
         path = profile.root_path
         logger.debug("Setting up #{path} for Habitat...")
 
-        plan_file = File.join(path, 'habitat', 'plan.sh')
+        plan_file = File.join(path, "habitat", "plan.sh")
         logger.info("Generating Habitat plan at #{plan_file}...")
         vars = {
           profile: profile,
-          habitat_origin: read_habitat_config['origin'],
+          habitat_origin: read_habitat_config["origin"],
         }
-        create_file_from_template(plan_file, 'plan.sh.erb', vars)
+        create_file_from_template(plan_file, "plan.sh.erb", vars)
 
-        run_hook_file = File.join(path, 'habitat', 'hooks', 'run')
+        run_hook_file = File.join(path, "habitat", "hooks", "run")
         logger.info("Generating a Habitat run hook at #{run_hook_file}...")
-        create_file_from_template(run_hook_file, 'hooks/run.erb')
+        create_file_from_template(run_hook_file, "hooks/run.erb")
 
-        default_toml = File.join(path, 'habitat', 'default.toml')
+        default_toml = File.join(path, "habitat", "default.toml")
         logger.info("Generating a Habitat default.toml at #{default_toml}...")
-        create_file_from_template(default_toml, 'default.toml.erb')
+        create_file_from_template(default_toml, "default.toml.erb")
 
-        config = File.join(path, 'habitat', 'config', 'inspec_exec_config.json')
-        logger.info("Generating #{config} for `inspec exec`...")
-        create_file_from_template(config, 'config/inspec_exec_config.json.erb')
+        config = File.join(path, "habitat", "config", "inspec_exec_config.json")
+        logger.info("Generating #{config} for `#{EXEC_NAME} exec`...")
+        create_file_from_template(config, "config/inspec_exec_config.json.erb")
       end
 
       def upload
         habitat_config = read_habitat_config
 
-        if habitat_config['auth_token'].nil?
+        if habitat_config["auth_token"].nil?
           exit_with_error(
-            'Unable to determine Habitat auth token for uploading.',
-            'Run `hab setup` or set the HAB_AUTH_TOKEN environment variable.',
+            "Unable to determine Habitat auth token for uploading.",
+            "Run `hab setup` or set the HAB_AUTH_TOKEN environment variable."
           )
         end
 
@@ -95,7 +96,7 @@ module InspecPlugins
         logger.info("Habitat artifact #{hart} uploaded.")
       rescue => e
         logger.debug(e.backtrace.join("\n"))
-        exit_with_error('Unable to upload Habitat artifact.')
+        exit_with_error("Unable to upload Habitat artifact.")
       end
 
       private
@@ -121,14 +122,14 @@ module InspecPlugins
       def profile_from_path(path)
         Inspec::Profile.for_target(
           path,
-          backend: Inspec::Backend.create(Inspec::Config.mock),
+          backend: Inspec::Backend.create(Inspec::Config.mock)
         )
       end
 
       def copy_profile_to_working_dir(profile, working_dir)
-        logger.debug('Copying profile contents to the working directory...')
+        logger.debug("Copying profile contents to the working directory...")
         profile.files.each do |profile_file|
-          next if File.extname(profile_file) == '.hart'
+          next if File.extname(profile_file) == ".hart"
 
           src = File.join(profile.root_path, profile_file)
           dst = File.join(working_dir, profile_file)
@@ -143,86 +144,86 @@ module InspecPlugins
       end
 
       def verify_profile(profile)
-        logger.debug('Checking to see if the profile is valid...')
+        logger.debug("Checking to see if the profile is valid...")
 
         unless profile.check[:summary][:valid]
-          exit_with_error('Profile check failed. Please fix the profile ' \
-                          'before creating a Habitat artifact.')
+          exit_with_error("Profile check failed. Please fix the profile " \
+                          "before creating a Habitat artifact.")
         end
 
-        logger.debug('Profile is valid.')
+        logger.debug("Profile is valid.")
       end
 
       def vendor_profile_dependencies!(profile)
         profile_vendor = Inspec::ProfileVendor.new(profile.root_path)
         if profile_vendor.lockfile.exist? && profile_vendor.cache_path.exist?
           logger.debug("Profile's dependencies are already vendored, skipping " \
-                    'vendor process.')
+                    "vendor process.")
         else
           logger.debug("Vendoring the profile's dependencies...")
           profile_vendor.vendor!
 
-          logger.debug('Ensuring all vendored content has read permissions...')
+          logger.debug("Ensuring all vendored content has read permissions...")
           profile_vendor.make_readable
         end
 
         # Return new profile since it has changed
         Inspec::Profile.for_target(
           profile.root_path,
-          backend: Inspec::Backend.create(Inspec::Config.mock),
+          backend: Inspec::Backend.create(Inspec::Config.mock)
         )
       end
 
       def verify_habitat_setup(habitat_config)
-        logger.debug('Checking to see if Habitat is installed...')
-        cmd = Mixlib::ShellOut.new('hab --version')
+        logger.debug("Checking to see if Habitat is installed...")
+        cmd = Mixlib::ShellOut.new("hab --version")
         cmd.run_command
         if cmd.error?
-          exit_with_error('Unable to run Habitat commands.', cmd.stderr)
+          exit_with_error("Unable to run Habitat commands.", cmd.stderr)
         end
 
-        if habitat_config['origin'].nil?
+        if habitat_config["origin"].nil?
           exit_with_error(
-            'Unable to determine Habitat origin name.',
-            'Run `hab setup` or set the HAB_ORIGIN environment variable.',
+            "Unable to determine Habitat origin name.",
+            "Run `hab setup` or set the HAB_ORIGIN environment variable."
           )
         end
       end
 
       def create_file_from_template(file, template, vars = {})
         FileUtils.mkdir_p(File.dirname(file))
-        template_path = File.join(__dir__, '../../templates/habitat', template)
+        template_path = File.join(__dir__, "../../templates/habitat", template)
         contents = ERB.new(File.read(template_path))
                       .result(OpenStruct.new(vars).instance_eval { binding })
         File.write(file, contents)
       end
 
       def build_hart(working_dir, habitat_config)
-        logger.debug('Building our Habitat artifact...')
+        logger.debug("Building our Habitat artifact...")
 
         env = {
-          'TERM'               => 'vt100',
-          'HAB_ORIGIN'         => habitat_config['origin'],
-          'HAB_NONINTERACTIVE' => 'true',
+          "TERM" => "vt100",
+          "HAB_ORIGIN" => habitat_config["origin"],
+          "HAB_NONINTERACTIVE" => "true",
         }
 
-        env['RUST_LOG'] = 'debug' if logger.level == :debug
+        env["RUST_LOG"] = "debug" if logger.level == :debug
 
         # TODO: Would love to use Mixlib::ShellOut here, but it doesn't
         # seem to preserve the STDIN tty, and docker gets angry.
         Dir.chdir(working_dir) do
-          unless system(env, 'hab pkg build .')
-            exit_with_error('Unable to build the Habitat artifact.')
+          unless system(env, "hab pkg build .")
+            exit_with_error("Unable to build the Habitat artifact.")
           end
         end
 
-        hart_files = Dir.glob(File.join(working_dir, 'results', '*.hart'))
+        hart_files = Dir.glob(File.join(working_dir, "results", "*.hart"))
 
         if hart_files.length > 1
-          exit_with_error('More than one Habitat artifact was created which ' \
-                          'was not expected.')
+          exit_with_error("More than one Habitat artifact was created which " \
+                          "was not expected.")
         elsif hart_files.empty?
-          exit_with_error('No Habitat artifact was created.')
+          exit_with_error("No Habitat artifact was created.")
         end
 
         hart_files.first
@@ -234,33 +235,33 @@ module InspecPlugins
         config = habitat_config
 
         env = {
-          'HAB_AUTH_TOKEN'     => config['auth_token'],
-          'HAB_NONINTERACTIVE' => 'true',
-          'HAB_ORIGIN'         => config['origin'],
-          'TERM'               => 'vt100',
+          "HAB_AUTH_TOKEN" => config["auth_token"],
+          "HAB_NONINTERACTIVE" => "true",
+          "HAB_ORIGIN" => config["origin"],
+          "TERM" => "vt100",
         }
 
-        env['HAB_DEPOT_URL'] = ENV['HAB_DEPOT_URL'] if ENV['HAB_DEPOT_URL']
+        env["HAB_DEPOT_URL"] = ENV["HAB_DEPOT_URL"] if ENV["HAB_DEPOT_URL"]
 
         cmd = Mixlib::ShellOut.new("hab pkg upload #{hart_file}", env: env)
         cmd.run_command
         if cmd.error?
           exit_with_error(
-            'Unable to upload Habitat artifact to the Depot.',
+            "Unable to upload Habitat artifact to the Depot.",
             cmd.stdout,
-            cmd.stderr,
+            cmd.stderr
           )
         end
 
-        logger.debug('Upload complete!')
+        logger.debug("Upload complete!")
       end
 
       def read_habitat_config
-        cli_toml = File.join(ENV['HOME'], '.hab', 'etc', 'cli.toml')
-        cli_toml = '/hab/etc/cli.toml' unless File.exist?(cli_toml)
+        cli_toml = File.join(ENV["HOME"], ".hab", "etc", "cli.toml")
+        cli_toml = "/hab/etc/cli.toml" unless File.exist?(cli_toml)
         cli_config = File.exist?(cli_toml) ? Tomlrb.load_file(cli_toml) : {}
-        cli_config['origin'] ||= ENV['HAB_ORIGIN']
-        cli_config['auth_token'] ||= ENV['HAB_AUTH_TOKEN']
+        cli_config["origin"] ||= ENV["HAB_ORIGIN"]
+        cli_config["auth_token"] ||= ENV["HAB_AUTH_TOKEN"]
         cli_config
       end