inspec-elasticsearch-resources 7.1.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 58760d82c2d98a35d500a16a7f9d2bcae471c9d2ec86d3bb14a6c8f7ad452bd3
+  data.tar.gz: fe15e5dc70c1d03b8b89d52d12f57e26dae997bd3b8963b0c87a31051de1eb17
+SHA512:
+  metadata.gz: fa7b46e5fcb9c3686da96e9ed1a326146fbe4cf609da35e3f00c582a1d939acc122b4689454c68d3999a436015a65d8354dc65f121ece7de79755683a3a33d07
+  data.tar.gz: 233b5618829c579b8c5fcb0a8822b03fa84aecc07cddb3be9d8227ce73ca7deb9432b36459fe407f873e232a7049ab14a0dc905bc9e86ea845c1f4e4fdae9a76

data/Gemfile

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+gem "inspec", git: "https://github.com/inspec/inspec", branch: "inspec-7"
+gem "inspec-bin", git: "https://github.com/inspec/inspec", branch: "inspec-7"
+
+gemspec
+
+group :test do
+  gem "byebug"
+  gem "chefstyle"
+  gem "minitest"
+  gem "m"
+  gem "mocha"
+  gem "rake"
+  gem "simplecov"
+  gem "simplecov_json_formatter"
+end

data/README.md

@@ -0,0 +1,15 @@
+# inspec-elasticsearch-resources
+ElasticSearch InSpec Resources in a Gem
+
+This repository contains the InSpec Elasticsearch resources, formerly contained in InSpec Core. In InSpec 7+, these resources are available in a gem, `inspec-elasticsearch-resources`.
+
+## Usage
+
+To use this resource pack, add this dependency to your inspec.yml :
+
+```yaml
+depends:
+ - name: inspec-elasticsearch-resources
+    gem: inspec-elasticsearch-resources
+```
+

data/inspec-elasticsearch-resources.gemspec

@@ -0,0 +1,44 @@
+# As plugins are usually packaged and distributed as a RubyGem,
+# we have to provide a .gemspec file, which controls the gembuild
+# and publish process.  This is a fairly generic gemspec.
+
+# It is traditional in a gemspec to dynamically load the current version
+# from a file in the source tree.  The next three lines make that happen.
+lib = File.expand_path("lib", __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "inspec-elasticsearch-resources/version"
+
+Gem::Specification.new do |spec|
+  # Importantly, all InSpec plugins must be prefixed with `inspec-` (most
+  # plugins) or `train-` (plugins which add new connectivity features).
+  spec.name          = "inspec-elasticsearch-resources"
+
+  # It is polite to namespace your plugin under InspecPlugins::YourPluginInCamelCase
+  spec.version       = InspecPlugins::ElasticsearchResources::VERSION
+  spec.authors       = ["InSpec Core Maintainers"]
+  spec.email         = ["inspec@progress.com"]
+  spec.summary       = "InSpec elasticsearch Resources in a Gem"
+  spec.description   = "Contains InSpec 7.0+ resources fo interacting with Elasticsearch Resources."
+  spec.homepage      = "https://github.com/inspec/inspec-elasticsearch-resources"
+  spec.license       = "Apache-2.0"
+
+  # Though complicated-looking, this is pretty standard for a gemspec.
+  # It just filters what will actually be packaged in the gem (leaving
+  # out tests, etc)
+  spec.files = %w{
+    README.md inspec-elasticsearch-resources.gemspec Gemfile inspec.yml
+  } + Dir.glob(
+    "lib/**/*", File::FNM_DOTMATCH
+  ).reject { |f| File.directory?(f) }
+  spec.require_paths = ["lib"]
+
+  spec.required_ruby_version = ">= 3.1.0"
+
+  # If you rely on any other gems, list them here with any constraints.
+  # This is how `inspec plugin install` is able to manage your dependencies.
+  # For example, perhaps you are writing a thing that talks to AWS, and you
+  # want to ensure you have `aws-sdk` in a certain version.
+
+  # This plugin uses InSpec 7 Resource Pack Plugins
+  spec.add_dependency "inspec-core", ">= 7.0"
+end

data/inspec.yml

@@ -0,0 +1,10 @@
+name: inspec-elasticsearch-resources
+title: Resource pack gem for ElasticsearchResources
+maintainer: InSpec Core Maintainers
+copyright: Progress Software Corporation
+copyright_email: inspec@progress.com
+license: 
+summary: elasticsearch InSpec Resources in a Gem
+version: 7.1.2
+supports:
+  platform: os

data/lib/inspec-elasticsearch-resources/plugin.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+# Plugin Definition file
+# The purpose of this file is to declare to InSpec what plugin_types (capabilities)
+# are included in this plugin, and provide activator that will load them as needed.
+
+# It is important that this file load successfully and *quickly*.
+# Your plugin's functionality may never be used on this InSpec run; so we keep things
+# fast and light by only loading heavy things when they are needed.
+
+# Presumably this is light
+require "inspec-elasticsearch-resources/version"
+
+# The InspecPlugins namespace is where all plugins should declare themselves.
+# The "Inspec" capitalization is used throughout the InSpec source code; yes, it's
+# strange.
+module InspecPlugins
+  # Pick a reasonable namespace here for your plugin. A reasonable choice
+  # would be the CamelCase version of your plugin gem name.
+  # inspec-test-resources => TestResources
+  module ElasticsearchResources
+    # This simple class handles the plugin definition, so calling it simply Plugin is OK.
+    #   Inspec.plugin returns various Classes, intended to be superclasses for various
+    # plugin components. Here, the one-arg form gives you the Plugin Definition superclass,
+    # which mainly gives you access to the activator / plugin_type DSL.
+    #   The number '2' says you are asking for version 2 of the plugin API. If there are
+    # future versions, InSpec promises plugin API v2 will work for at least two more InSpec
+    # major versions.
+    class Plugin < ::Inspec.plugin(2)
+      # Internal machine name of the plugin. InSpec will use this in errors, etc.
+      plugin_name :"inspec-elasticsearch-resources"
+
+      # Define a new Resource Pack.
+      resource_pack :"inspec-elasticsearch-resources" do
+        # This file will load the resources implicitly via the superclass
+        require "inspec-elasticsearch-resources/resource_pack"
+
+        # Having loaded our functionality, return a class that represents the plugin.
+        # Reserved for future use.
+        InspecPlugins::ElasticsearchResources::ResourcePack
+      end
+    end
+  end
+end

data/lib/inspec-elasticsearch-resources/resource_pack.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+require "inspec/resource"
+
+module InspecPlugins::ElasticsearchResources
+  # This class will provide the actual CLI implementation.
+  # Its superclass is provided by another call to Inspec.plugin,
+  # this time with two args.  The first arg specifies we are requesting
+  # version 2 of the Plugins API.  The second says we are making a Resource
+  # Pack plugin component, so please make available any DSL needed
+  # for that.
+  class ResourcePack < Inspec.plugin(2, :resource_pack)
+    # TBD
+    # load_timing :early  <-- isn't that implicit in the rewuire statements
+    # train relationship declarations?  <-- that should be in the gemspec
+  end
+end

data/lib/inspec-elasticsearch-resources/resources/elasticsearch.rb

@@ -0,0 +1,168 @@
+require "inspec/utils/filter"
+require "hashie/mash"
+require "inspec/resources/package"
+
+class Elasticsearch < Inspec.resource(1)
+  name "elasticsearch"
+  supports platform: "unix"
+  desc "Use the Elasticsearch InSpec audit resource to test the status of nodes in
+    an Elasticsearch cluster."
+
+  example <<~EXAMPLE
+    describe elasticsearch('http://eshost.mycompany.biz:9200/', username: 'elastic', password: 'changeme', ssl_verify: false) do
+      its('node_count') { should >= 3 }
+    end
+
+    describe elasticsearch do
+      its('node_name') { should include 'node1' }
+      its('os') { should_not include 'MacOS' }
+      its('version') { should cmp > 1.2.0 }
+    end
+  EXAMPLE
+
+  filter = FilterTable.create
+  filter.register_custom_matcher(:exists?) { |x| !x.entries.empty? }
+  filter.register_column(:cluster_name,          field: "cluster_name")
+    .register_column(:node_name,             field: "name")
+    .register_column(:transport_address,     field: "transport_address")
+    .register_column(:host,                  field: "host")
+    .register_column(:ip,                    field: "ip")
+    .register_column(:version,               field: "version")
+    .register_column(:build_hash,            field: "build_hash")
+    .register_column(:total_indexing_buffer, field: "total_indexing_buffer")
+    .register_column(:roles,                 field: "roles")
+    .register_column(:settings,              field: "settings")
+    .register_column(:os,                    field: "os")
+    .register_column(:process,               field: "process")
+    .register_column(:jvm,                   field: "jvm")
+    .register_column(:transport,             field: "transport")
+    .register_column(:http,                  field: "http")
+    .register_column(:plugins,               field: "plugins")
+    .register_column(:plugin_list,           field: "plugin_list")
+    .register_column(:modules,               field: "modules")
+    .register_column(:module_list,           field: "module_list")
+    .register_column(:node_id,               field: "node_id")
+    .register_column(:ingest,                field: "ingest")
+    .register_custom_property(:node_count) do |t, _|
+      t.entries.length
+    end
+
+  filter.install_filter_methods_on_resource(self, :nodes)
+
+  attr_reader :nodes, :url
+
+  def initialize(opts = {})
+    return skip_resource "Package `curl` not avaiable on the host" unless inspec.command("curl").exist?
+
+    @url = opts.fetch(:url, "http://localhost:9200")
+
+    username   = opts.fetch(:username, nil)
+    password   = opts.fetch(:password, nil)
+    ssl_verify = opts.fetch(:ssl_verify, true)
+
+    begin
+      cmd = inspec.command(curl_command_string(username, password, ssl_verify))
+    rescue => e
+      return skip_resource e.message
+    end
+
+    # after implementation of PR #2235, this begin..rescue won't be necessary.
+    # The checks in verify_curl_success! can raise their own skip message exception.
+    begin
+      verify_curl_success!(cmd)
+    rescue => e
+      return skip_resource e.message
+    end
+
+    begin
+      content = JSON.parse(cmd.stdout)
+      # after implementation of PR #2235, this can be broken out of the begin..rescue
+      # clause. The checks in verify_json_payload! can raise their own skip message exception.
+      verify_json_payload!(content)
+    rescue JSON::ParserError => e
+      return skip_resource "Couldn't parse the Elasticsearch response: #{e.message}"
+    rescue => e
+      return skip_resource e.message
+    end
+
+    @nodes = parse_cluster(content)
+  end
+
+  def to_s
+    "Elasticsearch Cluster #{url}"
+  end
+
+  private
+
+  def parse_cluster(content)
+    return [] unless content["nodes"]
+
+    nodes = []
+
+    content["nodes"].each do |node_id, node_data|
+      node_data = fix_mash_key_collision(node_data)
+
+      node = Hashie::Mash.new(node_data)
+      node.node_id = node_id
+      node.plugin_list = node.plugins.map(&:name)
+      node.module_list = node.modules.map(&:name)
+      node.cluster_name = node.settings.cluster.name
+      nodes << node
+    end
+
+    nodes
+  end
+
+  #
+  # Hashie::Mash will throw warnings if the Mash contains a key that is the same as a built-in
+  # method on a Hashie::Mash instance. This is a crude way of avoiding those warnings without
+  # hard-coding a bunch of key renames.
+  #
+  # Any key that is in conflict will be renamed "es_ORIGINALKEY"
+  #
+  def fix_mash_key_collision(data)
+    test_mash = Hashie::Mash.new
+
+    new_data = {}
+    data.each do |key, value|
+      new_key = test_mash.respond_to?(key.to_sym) ? "es_#{key}" : key
+      new_value = value.is_a?(Hash) ? fix_mash_key_collision(value) : value
+
+      new_data[new_key] = new_value
+    end
+
+    new_data
+  end
+
+  def curl_command_string(username, password, ssl_verify)
+    cmd_string = ["curl"]
+    cmd_string << "-k" unless ssl_verify
+    cmd_string << "-H 'Content-Type: application/json'"
+    cmd_string << " -u #{username}:#{password}" unless username.nil? || password.nil?
+    cmd_string << URI.join(url, "_nodes")
+
+    cmd_string.join(" ")
+  end
+
+  def verify_curl_success!(cmd)
+    # the following lines captures known possible curl command errors and provides compact skip resource messeges
+    if cmd.stderr =~ /Failed to connect/
+      raise "Connection refused - please check the URL #{url} for accuracy"
+    end
+
+    if cmd.stderr =~ /Peer's Certificate issuer is not recognized/
+      raise "Connection refused - peer certificate issuer is not recognized"
+    end
+
+    raise "Error fetching Elastcsearch data from curl #{url}: #{cmd.stderr}" unless cmd.exit_status == 0
+  end
+
+  def verify_json_payload!(content)
+    unless content["error"].nil?
+      raise "#{content["error"]["type"]}: #{content["error"]["reason"]}"
+    end
+
+    raise "No successful nodes available in cluster" if content["_nodes"]["successful"] == 0
+  end
+end
+

data/lib/inspec-elasticsearch-resources/version.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+# This file simply makes it easier for CI engines to update
+# the version stamp, and provide a clean way for the gemspec
+# to learn the current version.
+module InspecPlugins
+  module ElasticsearchResources
+    VERSION = "7.1.2"
+  end
+end

data/lib/inspec-elasticsearch-resources.rb

@@ -0,0 +1,15 @@
+# This file is known as the "entry point."
+# This is the file InSpec will try to load if it
+# thinks your plugin is installed.
+
+# The *only* thing this file should do is setup the
+# load path, then load the plugin definition file.
+
+# Next two lines simply add the path of the gem to the load path.
+# This is not needed when being loaded as a gem; but when doing
+# plugin development, you may need it.  Either way, it's harmless.
+
+libdir = File.dirname(__FILE__)
+$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
+
+require "inspec-elasticsearch-resources/plugin"

metadata

@@ -0,0 +1,67 @@
+--- !ruby/object:Gem::Specification
+name: inspec-elasticsearch-resources
+version: !ruby/object:Gem::Version
+  version: 7.1.2
+platform: ruby
+authors:
+- InSpec Core Maintainers
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2025-10-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: inspec-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '7.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '7.0'
+description: Contains InSpec 7.0+ resources fo interacting with Elasticsearch Resources.
+email:
+- inspec@progress.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- README.md
+- inspec-elasticsearch-resources.gemspec
+- inspec.yml
+- lib/inspec-elasticsearch-resources.rb
+- lib/inspec-elasticsearch-resources/plugin.rb
+- lib/inspec-elasticsearch-resources/resource_pack.rb
+- lib/inspec-elasticsearch-resources/resources/.gitkeep
+- lib/inspec-elasticsearch-resources/resources/elasticsearch.rb
+- lib/inspec-elasticsearch-resources/version.rb
+homepage: https://github.com/inspec/inspec-elasticsearch-resources
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.1.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.27
+signing_key: 
+specification_version: 4
+summary: InSpec elasticsearch Resources in a Gem
+test_files: []