inspec-reporter-tap 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 2641a1b00b604458410ac1a1a85b5716a30a597aa77108f2a50d90574ee3c984
4
+ data.tar.gz: f4887becbecfd28c9d37d8b43568d3ec15022898ad8b8f70d91ce3b323b84c3c
5
+ SHA512:
6
+ metadata.gz: 7598635273306db4368dc6b52ef2b22be2b0f639663cc8a8870961d62fb532b195db618bbc57a464e137617a71c6b4c481c3f403190e64bf8d60bf36eb315977
7
+ data.tar.gz: f303f7e8ea8602b3f2a45bae517d30cfd747418fd2d982303f05a3e4a48b1f0b0e298745a0ee735bf25d2217959d4bc9c0cfd52bd0f25922de4944ba5fe6be58
@@ -0,0 +1,7 @@
1
+ # Changelog
2
+
3
+ ## Unreleased
4
+
5
+ ## v0.1.0
6
+
7
+ - Initial version
@@ -0,0 +1,88 @@
1
+ # inspec-reporter-tap Plugin
2
+
3
+ InSpec TAP (Test Anything Protocol) reporter.
4
+
5
+ ## To Install This Plugin
6
+
7
+ Inside InSpec:
8
+
9
+ ```shell
10
+ you@machine $ inspec plugin install inspec-reporter-tap
11
+ ```
12
+
13
+ For use within `kitchen`:
14
+
15
+ ```shell
16
+ you@machine $ gem install inspec-reporter-tap
17
+ ```
18
+
19
+ ## How to use this plugin
20
+
21
+ To generate a TAP13 report using this plugin and save the output to a file named `report.tap`, run:
22
+
23
+ ```shell
24
+ you@machine $ inspec exec some_profile --reporter tap13:/tmp/report.tap
25
+ ```
26
+
27
+ If you prefer the older format, you can generate this as well:
28
+
29
+ ```shell
30
+ you@machine $ inspec exec some_profile --reporter tap:/tmp/report.tap
31
+ ```
32
+
33
+ Note that `tap` and `tap13` are the reporter names.
34
+
35
+ ## Configuring the Plugin
36
+
37
+ The `tap`/`tap13` reporters requires no configuration to function.
38
+
39
+ ## Example output: TAP13
40
+
41
+ This is a shortened result from running the devsec.io linux-baseline:
42
+
43
+ ```
44
+ TAP version 13
45
+ 1..112
46
+ ok 1 Trusted hosts login
47
+ ok 2 Check owner and permissions for /etc/shadow
48
+ ok 3 Check owner and permissions for /etc/shadow
49
+
50
+ # ... other lines omitted ...
51
+
52
+ not ok 108 Magic SysRq
53
+ ---
54
+ message: kernel_parameter value is expected to eq 0
55
+ severity: critical
56
+ ---
57
+ ok 109 Secure Core Dumps - dump settings
58
+ ok 110 Secure Core Dumps - dump path
59
+ ok 111 kernel.randomize_va_space
60
+ ok 112 CPU No execution Flag or Kernel ExecShield
61
+ FAILED tests 35, 36, 37, 49, 50, 51, 52, 53, 54, 55, 66, 69, 70, 75, 76, 77, 78, 79, 80, 85, 88, 89, 90, 91, 92, 93, 94, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 108
62
+ Failed 39/112, 65.18% okay
63
+ ```
64
+
65
+ ## Example output: TAP
66
+
67
+ This is a shortened result from running the devsec.io linux-baseline:
68
+
69
+ ```
70
+ 1..112
71
+ ok 1 Trusted hosts login
72
+ ok 2 Check owner and permissions for /etc/shadow
73
+ ok 3 Check owner and permissions for /etc/shadow
74
+
75
+ # ... other lines omitted ...
76
+
77
+ not ok 108 Magic SysRq
78
+ # message: kernel_parameter value is expected to eq 0
79
+ # severity: critical
80
+ ok 109 Secure Core Dumps - dump settings
81
+ ok 110 Secure Core Dumps - dump path
82
+ ok 111 kernel.randomize_va_space
83
+ ok 112 CPU No execution Flag or Kernel ExecShield
84
+ ```
85
+
86
+ ## Developing This Plugin
87
+
88
+ Submit PR and will discuss, thank you!
@@ -0,0 +1,4 @@
1
+ libdir = File.dirname(__FILE__)
2
+ $LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
3
+
4
+ require "inspec-reporter-tap/plugin"
@@ -0,0 +1,20 @@
1
+ require_relative "version"
2
+
3
+ module InspecPlugins
4
+ module TapReporter
5
+ class Plugin < ::Inspec.plugin(2)
6
+ # Internal machine name of the plugin. InSpec will use this in errors, etc.
7
+ plugin_name :"inspec-reporter-tap"
8
+
9
+ reporter :tap do
10
+ require_relative "reporter"
11
+ InspecPlugins::TapReporter::Reporter
12
+ end
13
+
14
+ reporter :tap13 do
15
+ require_relative "reporter13"
16
+ InspecPlugins::TapReporter::Reporter13
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,78 @@
1
+ require "erb" unless defined? ERB
2
+
3
+ module InspecPlugins::TapReporter
4
+ class Reporter < Inspec.plugin(2, :reporter)
5
+ TestResult = Struct.new(:index, :result, :description, :message, :severity, keyword_init: true)
6
+
7
+ attr_reader :template_erb
8
+
9
+ def initialize(config)
10
+ super(config)
11
+
12
+ @template_erb = "tap.erb"
13
+ end
14
+
15
+ def render
16
+ tests = []
17
+ run_data[:profiles].each do |profile|
18
+ profile.controls.each do |control|
19
+ control.results.each do |result|
20
+ tests << TestResult.new(
21
+ index: tests.count + 1,
22
+ result: status_to_pass(result.status),
23
+ description: control.title,
24
+ message: format("%s %s", result.resource_name, result.expectation_message),
25
+ severity: impact_to_severity(control.impact)
26
+ )
27
+ end
28
+ end
29
+ end
30
+
31
+ passed_tests = tests.select { |data| data.result == "ok" }
32
+ failed_tests = tests - passed_tests
33
+ percent_ok = 100.0 * passed_tests.count / tests.count
34
+
35
+ template_file = File.join(template_path, template_erb)
36
+ template = ERB.new(File.read(template_file))
37
+
38
+ output(template.result(binding))
39
+ end
40
+
41
+ def self.run_data_schema_constraints
42
+ "~> 0.0"
43
+ end
44
+
45
+ private
46
+
47
+ def template_path
48
+ File.expand_path(__FILE__ + "../../../../templates")
49
+ end
50
+
51
+ def status_to_pass(inspec_status)
52
+ case inspec_status
53
+ when "passed", "skipped", "waived"
54
+ "ok"
55
+ else
56
+ "not ok"
57
+ end
58
+ end
59
+
60
+ # @see https://www.first.org/cvss/specification-document#Qualitative-Severity-Rating-Scale
61
+ def impact_to_severity(inspec_severity)
62
+ case inspec_severity
63
+ when 0.0...0.1
64
+ "none"
65
+ when 0.1...0.4
66
+ "low"
67
+ when 0.4...0.7
68
+ "medium"
69
+ when 0.7...0.9
70
+ "high"
71
+ when 0.9..1.0
72
+ "critical"
73
+ else
74
+ "unknown"
75
+ end
76
+ end
77
+ end
78
+ end
@@ -0,0 +1,11 @@
1
+ require_relative "reporter"
2
+
3
+ module InspecPlugins::TapReporter
4
+ class Reporter13 < Reporter
5
+ def initialize(config)
6
+ super(config)
7
+
8
+ @template_erb = "tap13.erb"
9
+ end
10
+ end
11
+ end
@@ -0,0 +1,5 @@
1
+ module InspecPlugins
2
+ module TapReporter
3
+ VERSION = "0.1.0".freeze
4
+ end
5
+ end
@@ -0,0 +1,8 @@
1
+ <%= 1 %>..<%= tests.count %>
2
+ <% tests.each do |test|
3
+ %><%= test.result %> <%= test.index %> <%= test.description %><%
4
+ if test.result == 'not ok'%>
5
+ # message: <%= test.message %>
6
+ # severity: <%= test.severity %><%
7
+ end %>
8
+ <% end %>
@@ -0,0 +1,10 @@
1
+ TAP version 13
2
+ <%= 1 %>..<%= tests.count %>
3
+ <% tests.each do |test|
4
+ %><%= test.result %> <%= test.index %> <%= test.description %>
5
+ <% if test.result == 'not ok' %> ---
6
+ message: <%= test.message %>
7
+ severity: <%= test.severity %>
8
+ ---
9
+ <% end %><% end %>FAILED tests <%= failed_tests.map { |t| t.index }.join(', ') %>
10
+ Failed <%= failed_tests.count %>/<%= tests.count %>, <%= format('%2.2f', percent_ok) %>% okay
metadata ADDED
@@ -0,0 +1,122 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: inspec-reporter-tap
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Thomas Heinen
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2020-10-29 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bump
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '0.9'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '0.9'
27
+ - !ruby/object:Gem::Dependency
28
+ name: chefstyle
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '0.14'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '0.14'
41
+ - !ruby/object:Gem::Dependency
42
+ name: guard
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '2.16'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '2.16'
55
+ - !ruby/object:Gem::Dependency
56
+ name: mdl
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '0.9'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '0.9'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rake
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '13.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '13.0'
83
+ description: Plugin following TAP/TAP13
84
+ email:
85
+ - theinen@tecracer.de
86
+ executables: []
87
+ extensions: []
88
+ extra_rdoc_files: []
89
+ files:
90
+ - CHANGELOG.md
91
+ - README.md
92
+ - lib/inspec-reporter-tap.rb
93
+ - lib/inspec-reporter-tap/plugin.rb
94
+ - lib/inspec-reporter-tap/reporter.rb
95
+ - lib/inspec-reporter-tap/reporter13.rb
96
+ - lib/inspec-reporter-tap/version.rb
97
+ - templates/tap.erb
98
+ - templates/tap13.erb
99
+ homepage: https://github.com/tecracer-chef/inspec-reporter-tap
100
+ licenses:
101
+ - Apache-2.0
102
+ metadata: {}
103
+ post_install_message:
104
+ rdoc_options: []
105
+ require_paths:
106
+ - lib
107
+ required_ruby_version: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - ">="
110
+ - !ruby/object:Gem::Version
111
+ version: '2.6'
112
+ required_rubygems_version: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - ">="
115
+ - !ruby/object:Gem::Version
116
+ version: '0'
117
+ requirements: []
118
+ rubygems_version: 3.0.3
119
+ signing_key:
120
+ specification_version: 4
121
+ summary: InSpec Reporter for the Test Anything Protocol (TAP)
122
+ test_files: []