inspec 0.20.1 → 0.21.0

data/lib/inspec/objects/or_test.rb

@@ -2,6 +2,7 @@
 
 module Inspec
   class OrTest
+    attr_reader :tests
     def initialize(tests)
       @tests = tests
     end

data/lib/inspec/objects/test.rb

@@ -48,7 +48,7 @@ module Inspec
 
       if @qualifier.length > 1
         last = @qualifier[-1]
-        # preventing its(:to_i) as the value returned is always 0
+        # preventing its('to_i') as the value returned is always 0
         if last.length == 1 && last[0] != 'to_i'
           xres = last[0]
         else
@@ -63,10 +63,10 @@ module Inspec
       vars = variables.map(&:to_ruby).join("\n")
       vars += "\n" unless vars.empty?
       res, xtra = describe_chain
-      itsy = xtra.nil? ? 'it' : 'its(' + xtra.to_sym.inspect + ')'
+      itsy = xtra.nil? ? 'it' : 'its(' + xtra.to_s.inspect + ')'
       naughty = @negated ? '_not' : ''
-      xpect = defined?(@expectation) ? expectation.inspect : ''
-      format("%sdescribe %s do\n  %s { should%s %s %s }\nend",
+      xpect = defined?(@expectation) ? expectation.inspect+' ' : ''
+      format("%sdescribe %s do\n  %s { should%s %s %s}\nend",
              vars, res, itsy, naughty, matcher, xpect)
     end
 

data/lib/inspec/profile.rb

@@ -11,7 +11,6 @@ require 'inspec/metadata'
 module Inspec
   class Profile # rubocop:disable Metrics/ClassLength
     extend Forwardable
-    attr_reader :path
 
     def self.resolve_target(target, opts)
       # Fetchers retrieve file contents
@@ -35,6 +34,7 @@ module Inspec
     end
 
     attr_reader :source_reader
+    attr_accessor :runner_context
     def_delegator :@source_reader, :tests
     def_delegator :@source_reader, :libraries
     def_delegator :@source_reader, :metadata
@@ -46,6 +46,7 @@ module Inspec
       @logger = @options[:logger] || Logger.new(nil)
       @source_reader = source_reader
       @profile_id = @options[:id]
+      @runner_context = nil
       Metadata.finalize(@source_reader.metadata, @profile_id)
     end
 
@@ -55,24 +56,16 @@ module Inspec
 
     def info
       res = params.dup
-      rules = {}
-      res[:rules].each do |gid, group|
-        next if gid.to_s.empty?
-        rules[gid] = { title: gid, rules: {} }
-        group.each do |id, rule|
-          next if id.to_s.empty?
-          data = rule.dup
-          data.delete(:checks)
-          data[:impact] ||= 0.5
-          data[:impact] = 1.0 if data[:impact] > 1.0
-          data[:impact] = 0.0 if data[:impact] < 0.0
-          rules[gid][:rules][id] = data
-          # TODO: temporarily flatten the group down; replace this with
-          # proper hierarchy later on
-          rules[gid][:title] = data[:group_title]
-        end
+      controls = res[:controls].map do |id, rule|
+        next if id.to_s.empty?
+        data = rule.dup
+        data.delete(:checks)
+        data[:impact] ||= 0.5
+        data[:impact] = 1.0 if data[:impact] > 1.0
+        data[:impact] = 0.0 if data[:impact] < 0.0
+        [id, data]
       end
-      res[:rules] = rules
+      res[:controls] = Hash[controls.compact]
       res
     end
 
@@ -137,7 +130,7 @@ module Inspec
         warn.call(@target, 0, 0, nil, 'Profile uses deprecated `test` directory, rename it to `controls`.')
       end
 
-      count = rules_count
+      count = controls_count
       result[:summary][:controls] = count
       if count == 0
         warn.call(nil, nil, nil, nil, 'No controls or tests were defined.')
@@ -146,18 +139,15 @@ module Inspec
       end
 
       # iterate over hash of groups
-      params[:rules].each { |group, controls|
-        @logger.info "Verify all controls in #{group}"
-        controls.each { |id, control|
-          sfile, sline = control[:source_location]
-          error.call(sfile, sline, nil, id, 'Avoid controls with empty IDs') if id.nil? or id.empty?
-          next if id.start_with? '(generated '
-          warn.call(sfile, sline, nil, id, "Control #{id} has no title") if control[:title].to_s.empty?
-          warn.call(sfile, sline, nil, id, "Control #{id} has no description") if control[:desc].to_s.empty?
-          warn.call(sfile, sline, nil, id, "Control #{id} has impact > 1.0") if control[:impact].to_f > 1.0
-          warn.call(sfile, sline, nil, id, "Control #{id} has impact < 0.0") if control[:impact].to_f < 0.0
-          warn.call(sfile, sline, nil, id, "Control #{id} has no tests defined") if control[:checks].nil? or control[:checks].empty?
-        }
+      params[:controls].each { |id, control|
+        sfile, sline = control[:source_location]
+        error.call(sfile, sline, nil, id, 'Avoid controls with empty IDs') if id.nil? or id.empty?
+        next if id.start_with? '(generated '
+        warn.call(sfile, sline, nil, id, "Control #{id} has no title") if control[:title].to_s.empty?
+        warn.call(sfile, sline, nil, id, "Control #{id} has no description") if control[:desc].to_s.empty?
+        warn.call(sfile, sline, nil, id, "Control #{id} has impact > 1.0") if control[:impact].to_f > 1.0
+        warn.call(sfile, sline, nil, id, "Control #{id} has impact < 0.0") if control[:impact].to_f < 0.0
+        warn.call(sfile, sline, nil, id, "Control #{id} has no tests defined") if control[:checks].nil? or control[:checks].empty?
       }
 
       # profile is valid if we could not find any error
@@ -167,8 +157,8 @@ module Inspec
       result
     end
 
-    def rules_count
-      params[:rules].values.map { |hm| hm.values.length }.inject(:+) || 0
+    def controls_count
+      params[:controls].values.length
     end
 
     # generates a archive of a folder profile
@@ -233,38 +223,63 @@ module Inspec
     def load_params
       params = @source_reader.metadata.params
       params[:name] = @profile_id unless @profile_id.nil?
-      params[:rules] = rules = {}
+      load_checks_params(params)
+      @profile_id ||= params[:name]
+      params
+    end
+
+    def load_checks_params(params)
+      params[:controls] = controls = {}
+      params[:groups] = groups = {}
       prefix = @source_reader.target.prefix || ''
 
-      # we're checking a profile, we don't care if it runs on the host machine
-      opts = @options.dup
-      opts[:ignore_supports] = true
-      runner = Runner.new(
-        id: @profile_id,
-        backend: :mock,
-        test_collector: opts.delete(:test_collector),
-      )
-      runner.add_profile(self, opts)
-
-      runner.rules.each do |id, rule|
-        file = rule.instance_variable_get(:@__file)
-        file = file[prefix.length..-1] if file.start_with?(prefix)
-        rules[file] ||= {}
-        rules[file][id] = {
-          title: rule.title,
-          desc: rule.desc,
-          impact: rule.impact,
-          refs: rule.ref,
-          tags: rule.tag,
-          checks: Inspec::Rule.checks(rule),
-          code: rule.instance_variable_get(:@__code),
-          source_location: rule.instance_variable_get(:@__source_location),
-          group_title: rule.instance_variable_get(:@__group_title),
-        }
+      if @runner_context.nil?
+        # we're checking a profile, we don't care if it runs on the host machine
+        opts = @options.dup
+        opts[:ignore_supports] = true
+        runner = Runner.new(
+          id: @profile_id,
+          backend: :mock,
+          test_collector: opts.delete(:test_collector),
+        )
+        runner.add_profile(self, opts)
+        runner.rules.values.each do |rule|
+          f = load_rule_filepath(prefix, rule)
+          load_rule(rule, f, controls, groups)
+        end
+      else
+        # load from context
+        @runner_context.rules.values.each do |rule|
+          f = load_rule_filepath(prefix, rule)
+          load_rule(rule, f, controls, groups)
+        end
       end
+    end
 
-      @profile_id ||= params[:name]
-      params
+    def load_rule_filepath(prefix, rule)
+      file = rule.instance_variable_get(:@__file)
+      file = file[prefix.length..-1] if file.start_with?(prefix)
+      file
+    end
+
+    def load_rule(rule, file, controls, groups)
+      id = Inspec::Rule.rule_id(rule)
+      controls[id] = {
+        title: rule.title,
+        desc: rule.desc,
+        impact: rule.impact,
+        refs: rule.ref,
+        tags: rule.tag,
+        checks: Inspec::Rule.checks(rule),
+        code: rule.instance_variable_get(:@__code),
+        source_location: rule.instance_variable_get(:@__source_location),
+      }
+
+      groups[file] ||= {
+        title: rule.instance_variable_get(:@__group_title),
+        controls: [],
+      }
+      groups[file][:controls].push(id)
     end
   end
 end

data/lib/inspec/profile_context.rb

@@ -41,24 +41,19 @@ module Inspec
     end
 
     def unregister_rule(id)
-      full_id = Inspec::Rule.full_id(@profile_id, id)
-      @rules[full_id] = nil
+      @rules.delete(full_id(@profile_id, id))
     end
 
     def register_rule(r)
       # get the full ID
       r.instance_variable_set(:@__file, @current_load[:file])
       r.instance_variable_set(:@__group_title, @current_load[:title])
-      full_id = Inspec::Rule.full_id(@profile_id, r)
-      if full_id.nil?
-        # TODO: error
-        return
-      end
 
       # add the rule to the registry
-      existing = @rules[full_id]
+      fid = full_id(Inspec::Rule.profile_id(r), Inspec::Rule.rule_id(r))
+      existing = @rules[fid]
       if existing.nil?
-        @rules[full_id] = r
+        @rules[fid] = r
       else
         Inspec::Rule.merge(existing, r)
       end
@@ -70,6 +65,11 @@ module Inspec
 
     private
 
+    def full_id(pid, rid)
+      return rid.to_s if pid.to_s.empty?
+      pid.to_s + '/' + rid.to_s
+    end
+
     # Create the context for controls. This includes all components of the DSL,
     # including matchers and resources.
     #
@@ -93,6 +93,7 @@ module Inspec
     # @return [ProfileContextClass]
     def create_context(resources_dsl, rule_class) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
       profile_context_owner = self
+      profile_id = @profile_id
 
       # rubocop:disable Lint/NestedMethodDefinition
       Class.new do
@@ -116,7 +117,7 @@ module Inspec
         define_method :control do |*args, &block|
           id = args[0]
           opts = args[1] || {}
-          register_control(rule_class.new(id, opts, &block))
+          register_control(rule_class.new(id, profile_id, opts, &block))
         end
 
         define_method :describe do |*args, &block|
@@ -124,7 +125,7 @@ module Inspec
           id = "(generated from #{loc} #{SecureRandom.hex})"
 
           res = nil
-          rule = rule_class.new(id, {}) do
+          rule = rule_class.new(id, profile_id, {}) do
             res = describe(*args, &block)
           end
           register_control(rule, &block)

data/lib/inspec/rspec_json_formatter.rb

@@ -5,43 +5,46 @@
 require 'rspec/core'
 require 'rspec/core/formatters/json_formatter'
 
-# Extend the basic RSpec JSON Formatter
-# to give us an ID in its output
-# TODO: remove once RSpec has IDs in stable (probably v3.3/v4.0)
-module RSpec::Core::Formatters
-  class JsonFormatter
-    private
-
-    def format_example(example)
-      {
-        description: example.description,
-        full_description: example.full_description,
-        status: example.execution_result.status.to_s,
-        file_path: example.metadata['file_path'],
-        line_number: example.metadata['line_number'],
-        run_time: example.execution_result.run_time,
-        pending_message: example.execution_result.pending_message,
-        id: example.metadata[:id],
-        impact: example.metadata[:impact],
-      }
-    end
+# Vanilla RSpec JSON formatter with a slight extension to show example IDs.
+# TODO: Remove these lines when RSpec includes the ID natively
+class InspecRspecVanilla < RSpec::Core::Formatters::JsonFormatter
+  RSpec::Core::Formatters.register self, :message, :dump_summary, :dump_profile, :stop, :close
+
+  private
+
+  def format_example(example)
+    res = super(example)
+    res[:id] = example.metadata[:id]
+    res
   end
 end
 
-class InspecRspecFormatter < RSpec::Core::Formatters::JsonFormatter
+# Minimal JSON formatter for inspec. Only contains limited information about
+# examples without any extras.
+class InspecRspecMiniJson < RSpec::Core::Formatters::JsonFormatter
   RSpec::Core::Formatters.register self, :message, :dump_summary, :dump_profile, :stop, :close
 
-  def add_profile(profile)
-    @profiles ||= []
-    @profiles.push(profile)
+  def dump_summary(summary)
+    @output_hash[:version] = Inspec::VERSION
+    @output_hash[:summary] = {
+      duration: summary.duration,
+      example_count: summary.example_count,
+      failure_count: summary.failure_count,
+      skip_count: summary.pending_count,
+    }
   end
 
-  def dump_summary(summary)
-    super(summary)
-    @output_hash[:profiles] = Array(@profiles).map do |profile|
-      r = profile.params.dup
-      r.delete(:rules)
-      r
+  def stop(notification)
+    @output_hash[:controls] = notification.examples.map do |example|
+      format_example(example).tap do |hash|
+        e = example.exception
+        next unless e
+        hash[:message] = e.message
+
+        next if e.is_a? RSpec::Expectations::ExpectationNotMetError
+        hash[:exception] = e.class.name
+        hash[:backtrace] = e.backtrace
+      end
     end
   end
 
@@ -50,21 +53,71 @@ class InspecRspecFormatter < RSpec::Core::Formatters::JsonFormatter
   def format_example(example)
     res = {
       id: example.metadata[:id],
-      title: example.metadata[:title],
-      desc: example.metadata[:desc],
-      code: example.metadata[:code],
-      impact: example.metadata[:impact],
       status: example.execution_result.status.to_s,
       code_desc: example.full_description,
-      ref: example.metadata['file_path'],
-      ref_line: example.metadata['line_number'],
-      run_time: example.execution_result.run_time,
-      start_time: example.execution_result.started_at.to_s,
     }
 
-    # pending messages are embedded in the resources description
-    res[:pending] = example.metadata[:description] if res[:status] == 'pending'
+    unless (pid = example.metadata[:profile_id]).nil?
+      res[:profile_id] = pid
+    end
+
+    if res[:status] == 'pending'
+      res[:status] = 'skipped'
+      res[:skip_message] = example.metadata[:description]
+      res[:resource] = example.metadata[:described_class].to_s
+    end
 
     res
   end
 end
+
+class InspecRspecJson < InspecRspecMiniJson
+  RSpec::Core::Formatters.register self, :message, :dump_summary, :dump_profile, :stop, :close
+
+  def add_profile(profile)
+    @profiles ||= []
+    @profiles.push(profile)
+  end
+
+  def dump_one_example(example, profiles, missing)
+    profile = profiles[example[:profile_id]]
+    return missing.push(example) if profile.nil? || profile[:controls].nil?
+
+    control = profile[:controls][example[:id]]
+    return missing.push(example) if control.nil?
+
+    control[:results] ||= []
+    example.delete(:id)
+    example.delete(:profile_id)
+    control[:results].push(example)
+  end
+
+  def profile_info(profile)
+    info = profile.info.dup
+    [info[:name], info]
+  end
+
+  def dump_summary(summary)
+    super(summary)
+    @profiles ||= []
+    examples = @output_hash.delete(:controls)
+    profiles = Hash[@profiles.map { |x| profile_info(x) }]
+    missing = []
+
+    examples.each do |example|
+      dump_one_example(example, profiles, missing)
+    end
+
+    @output_hash[:profiles] = profiles
+    @output_hash[:other_checks] = missing
+  end
+
+  private
+
+  def format_example(example)
+    super(example).tap do |res|
+      res[:run_time]   = example.execution_result.run_time
+      res[:start_time] = example.execution_result.started_at.to_s
+    end
+  end
+end