inspec 2.1.21 → 2.1.30

data/lib/bundles/inspec-compliance/target.rb

@@ -1,98 +1,98 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'uri'
-require 'inspec/fetcher'
-require 'inspec/errors'
-
-# InSpec Target Helper for Chef Compliance
-# reuses UrlHelper, but it knows the target server and the access token already
-# similar to `inspec exec http://localhost:2134/owners/%base%/compliance/%ssh%/tar --user %token%`
-module Compliance
-  class Fetcher < Fetchers::Url
-    name 'compliance'
-    priority 500
-    def self.resolve(target) # rubocop:disable PerceivedComplexity, Metrics/CyclomaticComplexity
-      uri = if target.is_a?(String) && URI(target).scheme == 'compliance'
-              URI(target)
-            elsif target.respond_to?(:key?) && target.key?(:compliance)
-              URI("compliance://#{target[:compliance]}")
-            end
-
-      return nil if uri.nil?
-
-      # we have detailed information available in our lockfile, no need to ask the server
-      if target.respond_to?(:key?) && target.key?(:url)
-        profile_fetch_url = target[:url]
-        config = {}
-      else
-        # check if we have a compliance token
-        config = Compliance::Configuration.new
-        if config['token'].nil? && config['refresh_token'].nil?
-          if config['server_type'] == 'automate'
-            server = 'automate'
-            msg = 'inspec compliance login https://your_automate_server --user USER --ent ENT --dctoken DCTOKEN or --token USERTOKEN'
-          else
-            server = 'compliance'
-            msg = "inspec compliance login https://your_compliance_server --user admin --insecure --token 'PASTE TOKEN HERE' "
-          end
-          raise Inspec::FetcherFailure, <<~EOF
-
-            Cannot fetch #{uri} because your #{server} token has not been
-            configured.
-
-            Please login using
-
-                #{msg}
-          EOF
-        end
-
-        # verifies that the target e.g base/ssh exists
-        profile = Compliance::API.sanitize_profile_name(uri)
-        if !Compliance::API.exist?(config, profile)
-          raise Inspec::FetcherFailure, "The compliance profile #{profile} was not found on the configured compliance server"
-        end
-        profile_fetch_url = Compliance::API.target_url(config, profile)
-      end
-      # We need to pass the token to the fetcher
-      config['token'] = Compliance::API.get_token(config)
-      new(profile_fetch_url, config)
-    rescue URI::Error => _e
-      nil
-    end
-
-    # We want to save compliance: in the lockfile rather than url: to
-    # make sure we go back through the Compliance API handling.
-    def resolved_source
-      @resolved_source ||= {
-        compliance: compliance_profile_name,
-        url: @target,
-        sha256: sha256,
-      }
-    end
-
-    def to_s
-      'Chef Compliance Profile Loader'
-    end
-
-    private
-
-    # determine the owner_id and the profile name from the url
-    def compliance_profile_name
-      m = if Compliance::API.is_automate_server_pre_080?(@config)
-            %r{^#{@config['server']}/(?<owner>[^/]+)/(?<id>[^/]+)/tar$}
-          elsif Compliance::API.is_automate_server_080_and_later?(@config)
-            %r{^#{@config['server']}/profiles/(?<owner>[^/]+)/(?<id>[^/]+)/tar$}
-          else
-            %r{^#{@config['server']}/owners/(?<owner>[^/]+)/compliance/(?<id>[^/]+)/tar$}
-          end.match(@target)
-
-      raise 'Unable to determine compliance profile name. This can be caused by ' \
-        'an incorrect server in your configuration. Try to login to compliance ' \
-        'via the `inspec compliance login` command.' if m.nil?
-
-      "#{m[:owner]}/#{m[:id]}"
-    end
-  end
-end
+# encoding: utf-8
+# author: Christoph Hartmann
+# author: Dominik Richter
+
+require 'uri'
+require 'inspec/fetcher'
+require 'inspec/errors'
+
+# InSpec Target Helper for Chef Compliance
+# reuses UrlHelper, but it knows the target server and the access token already
+# similar to `inspec exec http://localhost:2134/owners/%base%/compliance/%ssh%/tar --user %token%`
+module Compliance
+  class Fetcher < Fetchers::Url
+    name 'compliance'
+    priority 500
+    def self.resolve(target) # rubocop:disable PerceivedComplexity, Metrics/CyclomaticComplexity
+      uri = if target.is_a?(String) && URI(target).scheme == 'compliance'
+              URI(target)
+            elsif target.respond_to?(:key?) && target.key?(:compliance)
+              URI("compliance://#{target[:compliance]}")
+            end
+
+      return nil if uri.nil?
+
+      # we have detailed information available in our lockfile, no need to ask the server
+      if target.respond_to?(:key?) && target.key?(:url)
+        profile_fetch_url = target[:url]
+        config = {}
+      else
+        # check if we have a compliance token
+        config = Compliance::Configuration.new
+        if config['token'].nil? && config['refresh_token'].nil?
+          if config['server_type'] == 'automate'
+            server = 'automate'
+            msg = 'inspec compliance login https://your_automate_server --user USER --ent ENT --dctoken DCTOKEN or --token USERTOKEN'
+          else
+            server = 'compliance'
+            msg = "inspec compliance login https://your_compliance_server --user admin --insecure --token 'PASTE TOKEN HERE' "
+          end
+          raise Inspec::FetcherFailure, <<~EOF
+
+            Cannot fetch #{uri} because your #{server} token has not been
+            configured.
+
+            Please login using
+
+                #{msg}
+          EOF
+        end
+
+        # verifies that the target e.g base/ssh exists
+        profile = Compliance::API.sanitize_profile_name(uri)
+        if !Compliance::API.exist?(config, profile)
+          raise Inspec::FetcherFailure, "The compliance profile #{profile} was not found on the configured compliance server"
+        end
+        profile_fetch_url = Compliance::API.target_url(config, profile)
+      end
+      # We need to pass the token to the fetcher
+      config['token'] = Compliance::API.get_token(config)
+      new(profile_fetch_url, config)
+    rescue URI::Error => _e
+      nil
+    end
+
+    # We want to save compliance: in the lockfile rather than url: to
+    # make sure we go back through the Compliance API handling.
+    def resolved_source
+      @resolved_source ||= {
+        compliance: compliance_profile_name,
+        url: @target,
+        sha256: sha256,
+      }
+    end
+
+    def to_s
+      'Chef Compliance Profile Loader'
+    end
+
+    private
+
+    # determine the owner_id and the profile name from the url
+    def compliance_profile_name
+      m = if Compliance::API.is_automate_server_pre_080?(@config)
+            %r{^#{@config['server']}/(?<owner>[^/]+)/(?<id>[^/]+)/tar$}
+          elsif Compliance::API.is_automate_server_080_and_later?(@config)
+            %r{^#{@config['server']}/profiles/(?<owner>[^/]+)/(?<id>[^/]+)/tar$}
+          else
+            %r{^#{@config['server']}/owners/(?<owner>[^/]+)/compliance/(?<id>[^/]+)/tar$}
+          end.match(@target)
+
+      raise 'Unable to determine compliance profile name. This can be caused by ' \
+        'an incorrect server in your configuration. Try to login to compliance ' \
+        'via the `inspec compliance login` command.' if m.nil?
+
+      "#{m[:owner]}/#{m[:id]}"
+    end
+  end
+end

data/lib/bundles/inspec-compliance/test/integration/default/cli.rb

@@ -1,93 +1,93 @@
-# encoding: utf-8
-
-# options
-inspec_bin = 'BUNDLE_GEMFILE=/inspec/Gemfile bundle exec inspec'
-api_url = 'https://0.0.0.0'
-profile = '/inspec/examples/profile'
-
-user = command('whoami').stdout.strip
-pwd = command('pwd').stdout.strip
-puts "Run test as #{user} in path #{pwd}"
-
-# TODO: determine tokens automatically, define in kitchen yml
-access_token = ENV['COMPLIANCE_ACCESSTOKEN']
-refresh_token = ENV['COMPLIANCE_REFRESHTOKEN']
-
-%w{refresh_token access_token}.each do |type| # rubocop:disable Metrics/BlockLength
-  case type
-  when 'access_token'
-    token_options = "--token '#{access_token}'"
-  when 'refresh_token'
-    token_options = "--refresh_token '#{refresh_token}'"
-  end
-
-  # verifies that the help command works
-  describe command("#{inspec_bin} compliance help") do
-    its('stdout') { should include 'inspec compliance help [COMMAND]' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-
-  # version command fails gracefully when server not configured
-  describe command("#{inspec_bin} compliance version") do
-    its('stdout') { should include 'Server configuration information is missing' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 1 }
-  end
-
-  # submitting a wrong token should have an exit of 0
-  describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' --token 'wrong-token'") do
-    its('stdout') { should include 'token stored' }
-  end
-
-  # compliance login --help should give an accurate message for login
-  describe command("#{inspec_bin} compliance login --help") do
-    its('stdout') { should include "inspec compliance login SERVER --insecure --user='USER' --token='TOKEN'" }
-    its('exit_status') { should eq 0 }
-  end
-
-  # profiles command fails gracefully when token/server info is incorrect
-  describe command("#{inspec_bin} compliance profiles") do
-    its('stdout') { should include '401 Unauthorized. Please check your token' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 1 }
-  end
-
-  # login via access token token
-  describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' #{token_options}") do
-    its('stdout') { should include 'token', 'stored' }
-    its('stdout') { should_not include 'Your server supports --user and --password only' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-
-  # see available resources
-  describe command("#{inspec_bin} compliance profiles") do
-    its('stdout') { should include 'base/ssh' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-
-  # upload a compliance profile
-  describe command("#{inspec_bin} compliance upload #{profile} --overwrite") do
-    its('stdout') { should include 'Profile is valid' }
-    its('stdout') { should include 'Successfully uploaded profile' }
-    its('stdout') { should_not include 'error(s)' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-
-  # returns the version of the server
-  describe command("#{inspec_bin} compliance version") do
-    its('stdout') { should include 'Chef Compliance version:' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-
-  # logout
-  describe command("#{inspec_bin} compliance logout") do
-    its('stdout') { should include 'Successfully logged out' }
-    its('stderr') { should eq '' }
-    its('exit_status') { should eq 0 }
-  end
-end
+# encoding: utf-8
+
+# options
+inspec_bin = 'BUNDLE_GEMFILE=/inspec/Gemfile bundle exec inspec'
+api_url = 'https://0.0.0.0'
+profile = '/inspec/examples/profile'
+
+user = command('whoami').stdout.strip
+pwd = command('pwd').stdout.strip
+puts "Run test as #{user} in path #{pwd}"
+
+# TODO: determine tokens automatically, define in kitchen yml
+access_token = ENV['COMPLIANCE_ACCESSTOKEN']
+refresh_token = ENV['COMPLIANCE_REFRESHTOKEN']
+
+%w{refresh_token access_token}.each do |type| # rubocop:disable Metrics/BlockLength
+  case type
+  when 'access_token'
+    token_options = "--token '#{access_token}'"
+  when 'refresh_token'
+    token_options = "--refresh_token '#{refresh_token}'"
+  end
+
+  # verifies that the help command works
+  describe command("#{inspec_bin} compliance help") do
+    its('stdout') { should include 'inspec compliance help [COMMAND]' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+
+  # version command fails gracefully when server not configured
+  describe command("#{inspec_bin} compliance version") do
+    its('stdout') { should include 'Server configuration information is missing' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 1 }
+  end
+
+  # submitting a wrong token should have an exit of 0
+  describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' --token 'wrong-token'") do
+    its('stdout') { should include 'token stored' }
+  end
+
+  # compliance login --help should give an accurate message for login
+  describe command("#{inspec_bin} compliance login --help") do
+    its('stdout') { should include "inspec compliance login SERVER --insecure --user='USER' --token='TOKEN'" }
+    its('exit_status') { should eq 0 }
+  end
+
+  # profiles command fails gracefully when token/server info is incorrect
+  describe command("#{inspec_bin} compliance profiles") do
+    its('stdout') { should include '401 Unauthorized. Please check your token' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 1 }
+  end
+
+  # login via access token token
+  describe command("#{inspec_bin} compliance login #{api_url} --insecure --user 'admin' #{token_options}") do
+    its('stdout') { should include 'token', 'stored' }
+    its('stdout') { should_not include 'Your server supports --user and --password only' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+
+  # see available resources
+  describe command("#{inspec_bin} compliance profiles") do
+    its('stdout') { should include 'base/ssh' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+
+  # upload a compliance profile
+  describe command("#{inspec_bin} compliance upload #{profile} --overwrite") do
+    its('stdout') { should include 'Profile is valid' }
+    its('stdout') { should include 'Successfully uploaded profile' }
+    its('stdout') { should_not include 'error(s)' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+
+  # returns the version of the server
+  describe command("#{inspec_bin} compliance version") do
+    its('stdout') { should include 'Chef Compliance version:' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+
+  # logout
+  describe command("#{inspec_bin} compliance logout") do
+    its('stdout') { should include 'Successfully logged out' }
+    its('stderr') { should eq '' }
+    its('exit_status') { should eq 0 }
+  end
+end

data/lib/bundles/inspec-habitat.rb

@@ -1,12 +1,12 @@
-# encoding: utf-8
-# author: Adam Leff
-
-libdir = File.dirname(__FILE__)
-$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
-
-module Habitat
-  autoload :Log,     'inspec-habitat/log'
-  autoload :Profile, 'inspec-habitat/profile'
-end
-
-require 'inspec-habitat/cli'
+# encoding: utf-8
+# author: Adam Leff
+
+libdir = File.dirname(__FILE__)
+$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
+
+module Habitat
+  autoload :Log,     'inspec-habitat/log'
+  autoload :Profile, 'inspec-habitat/profile'
+end
+
+require 'inspec-habitat/cli'

data/lib/bundles/inspec-habitat/cli.rb

@@ -1,36 +1,36 @@
-# encoding: utf-8
-# author: Adam Leff
-
-require 'thor'
-
-module Habitat
-  class HabitatProfileCLI < Thor
-    namespace 'habitat profile'
-
-    desc 'create PATH', 'Create a one-time Habitat artifact for the profile found at PATH'
-    option :output_dir, type: :string, required: false,
-      desc: 'Directory in which to save the generated Habitat artifact. Default: current directory'
-    def create(path)
-      Habitat::Profile.create(path, options)
-    end
-
-    desc 'setup PATH', 'Configure the profile at PATH for Habitat, including a plan and hooks'
-    def setup(path)
-      Habitat::Profile.setup(path)
-    end
-
-    desc 'upload PATH', 'Create a one-time Habitat artifact for the profile found at PATH, and upload it to a Habitat Depot'
-    def upload(path)
-      Habitat::Profile.upload(path, options)
-    end
-  end
-
-  class HabitatCLI < Inspec::BaseCLI
-    namespace 'habitat'
-
-    desc 'profile', 'Manage InSpec profiles as Habitat artifacts'
-    subcommand 'profile', HabitatProfileCLI
-  end
-
-  Inspec::Plugins::CLI.add_subcommand(HabitatCLI, 'habitat', 'habitat SUBCOMMAND ...', 'Commands for InSpec + Habitat Integration', {})
-end
+# encoding: utf-8
+# author: Adam Leff
+
+require 'thor'
+
+module Habitat
+  class HabitatProfileCLI < Thor
+    namespace 'habitat profile'
+
+    desc 'create PATH', 'Create a one-time Habitat artifact for the profile found at PATH'
+    option :output_dir, type: :string, required: false,
+      desc: 'Directory in which to save the generated Habitat artifact. Default: current directory'
+    def create(path)
+      Habitat::Profile.create(path, options)
+    end
+
+    desc 'setup PATH', 'Configure the profile at PATH for Habitat, including a plan and hooks'
+    def setup(path)
+      Habitat::Profile.setup(path)
+    end
+
+    desc 'upload PATH', 'Create a one-time Habitat artifact for the profile found at PATH, and upload it to a Habitat Depot'
+    def upload(path)
+      Habitat::Profile.upload(path, options)
+    end
+  end
+
+  class HabitatCLI < Inspec::BaseCLI
+    namespace 'habitat'
+
+    desc 'profile', 'Manage InSpec profiles as Habitat artifacts'
+    subcommand 'profile', HabitatProfileCLI
+  end
+
+  Inspec::Plugins::CLI.add_subcommand(HabitatCLI, 'habitat', 'habitat SUBCOMMAND ...', 'Commands for InSpec + Habitat Integration', {})
+end