kitchen-terraform 4.9.0 → 5.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +7 -4
- data/lib/kitchen/terraform/config_attribute_type/hash_of_symbols_and_strings.rb +1 -1
- data/lib/kitchen/terraform/config_attribute_type/integer.rb +1 -1
- data/lib/kitchen/terraform/config_schemas/array_of_strings.rb +1 -1
- data/lib/kitchen/terraform/config_schemas/boolean.rb +1 -1
- data/lib/kitchen/terraform/config_schemas/optional_string.rb +1 -1
- data/lib/kitchen/terraform/config_schemas/string.rb +1 -1
- data/lib/kitchen/terraform/inspec_options_mapper.rb +37 -15
- data/lib/kitchen/terraform/version.rb +1 -1
- data/lib/kitchen/verifier/terraform.rb +16 -11
- metadata +22 -22
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 23cdadc08458f2760b38239da6ddbf6b395c2b5804f81a87f80a44c76e619685
|
4
|
+
data.tar.gz: ab73966fb25e94f3472edf2cb36340f2a12f20397bd8fead5017f78cbc1f38f3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ff54a17d05adc652c1dd00b60391cb95c7f8cfdda2c691807d6edfaf97695fd495e0eb806b66dcad91280984e877d0bd1bc00865e58245cfd11baab37d23795f
|
7
|
+
data.tar.gz: 76a2669d4e001dd3a1349170718cd1addc6784a108b4404fb7dab6e96b75477b4eabf2c5491d286f5bd0d66e92ff0fabc6056dd54a6befc4356470fd70efb1b4
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
data/README.md
CHANGED
@@ -6,7 +6,8 @@
|
|
6
6
|
[![Gem downloads version][gem-downloads-version-shield]][kitchen-terraform-gem]
|
7
7
|
[![Gem downloads total][gem-downloads-total-shield]][kitchen-terraform-gem]
|
8
8
|
|
9
|
-
[![Build status][build-status-shield]][build-status]
|
9
|
+
[![Travis CI Build status][travis-build-status-shield]][travis-build-status]
|
10
|
+
[![AppVeyor Build status][appveyor-build-status-shield]][appveyor-build-status]
|
10
11
|
[![Code coverage][code-coverage-shield]][code-coverage]
|
11
12
|
[![Maintainability][maintainability-shield]][maintainability]
|
12
13
|
[![Technical debt][technical-debt-shield]][technical-debt]
|
@@ -49,7 +50,7 @@ Installation instructions can be found in the
|
|
49
50
|
|
50
51
|
Kitchen-Terraform aims to support all versions of Ruby that are in
|
51
52
|
["normal" or "security" maintenance][ruby-branches], which is currently
|
52
|
-
the interval of `>= 2.
|
53
|
+
the interval of `>= 2.4, < 2.7`.
|
53
54
|
|
54
55
|
[rbenv] can be used to manage versions of Ruby on the system.
|
55
56
|
|
@@ -356,8 +357,8 @@ Kitchen-Terraform is distributed under the [Apache License][license].
|
|
356
357
|
|
357
358
|
<!-- Markdown links and image definitions -->
|
358
359
|
|
359
|
-
[build-status-shield]: https://
|
360
|
-
[build-status]: https://
|
360
|
+
[appveyor-build-status-shield]: https://ci.appveyor.com/api/projects/status/8d7t014gij5grk5r/branch/master?svg=true
|
361
|
+
[appveyor-build-status]: https://ci.appveyor.com/project/aaron-lane/kitchen-terraform/branch/master
|
361
362
|
[bundler-getting-started]: https://bundler.io/#getting-started
|
362
363
|
[bundler-in-depth]: https://bundler.io/gemfile.html
|
363
364
|
[bundler]: https://bundler.io/index.html#getting-started
|
@@ -404,3 +405,5 @@ Kitchen-Terraform is distributed under the [Apache License][license].
|
|
404
405
|
[test-kitchen-configuration-file]: https://docs.chef.io/config_yml_kitchen.html
|
405
406
|
[test-kitchen]: http://kitchen.ci/index.html
|
406
407
|
[tfenv]: https://github.com/kamatama41/tfenv
|
408
|
+
[travis-build-status-shield]: https://img.shields.io/travis/com/newcontext-oss/kitchen-terraform.svg
|
409
|
+
[travis-build-status]: https://travis-ci.com/newcontext-oss/kitchen-terraform
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_attribute"
|
19
19
|
require "kitchen/terraform/config_attribute_type"
|
20
20
|
require "kitchen/terraform/config_predicates/hash_of_symbols_and_strings"
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_attribute"
|
19
19
|
require "kitchen/terraform/config_attribute_type"
|
20
20
|
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_schemas"
|
19
19
|
|
20
20
|
# A validation schema for a configuration attribute which is an array including only strings.
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_schemas"
|
19
19
|
|
20
20
|
# A validation schema for a configuration attribute which is a boolean.
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_schemas"
|
19
19
|
|
20
20
|
# A validation schema for a configuration attribute which is an optional string.
|
@@ -14,7 +14,7 @@
|
|
14
14
|
# See the License for the specific language governing permissions and
|
15
15
|
# limitations under the License.
|
16
16
|
|
17
|
-
require "dry
|
17
|
+
require "dry/validation"
|
18
18
|
require "kitchen/terraform/config_schemas"
|
19
19
|
|
20
20
|
# Defines a validation schema for a string.
|
@@ -18,14 +18,45 @@ require "kitchen/terraform"
|
|
18
18
|
|
19
19
|
# Kitchen::Terraform::InSpecOptionsMapper maps system configuration attributes to an InSpec options hash.
|
20
20
|
class ::Kitchen::Terraform::InSpecOptionsMapper
|
21
|
+
SYSTEM_ATTRIBUTES_TO_OPTIONS = {
|
22
|
+
attrs: :input_file,
|
23
|
+
backend_cache: :backend_cache,
|
24
|
+
backend: :backend,
|
25
|
+
bastion_host: :bastion_host,
|
26
|
+
bastion_port: :bastion_port,
|
27
|
+
bastion_user: :bastion_user,
|
28
|
+
controls: :controls,
|
29
|
+
enable_password: :enable_password,
|
30
|
+
key_files: :key_files,
|
31
|
+
password: :password,
|
32
|
+
path: :path,
|
33
|
+
port: :port,
|
34
|
+
proxy_command: :proxy_command,
|
35
|
+
reporter: "reporter",
|
36
|
+
self_signed: :self_signed,
|
37
|
+
shell_command: :shell_command,
|
38
|
+
shell_options: :shell_options,
|
39
|
+
shell: :shell,
|
40
|
+
show_progress: :show_progress,
|
41
|
+
ssl: :ssl,
|
42
|
+
sudo_command: :sudo_command,
|
43
|
+
sudo_options: :sudo_options,
|
44
|
+
sudo_password: :sudo_password,
|
45
|
+
sudo: :sudo,
|
46
|
+
user: :user,
|
47
|
+
vendor_cache: :vendor_cache,
|
48
|
+
}
|
49
|
+
|
21
50
|
# map populates an InSpec options hash based on the intersection between the system keys and the supported options
|
22
51
|
# keys, converting keys from symbols to strings as required by InSpec.
|
23
52
|
#
|
24
53
|
# @param options [::Hash] the InSpec options hash to be populated.
|
25
54
|
# @return [void]
|
26
|
-
def map(options:)
|
27
|
-
|
28
|
-
|
55
|
+
def map(options:, system:)
|
56
|
+
system.lazy.select do |attribute_name, _|
|
57
|
+
system_attributes_to_options.key?(attribute_name)
|
58
|
+
end.each do |attribute_name, attribute_value|
|
59
|
+
options.store system_attributes_to_options.fetch(attribute_name), attribute_value
|
29
60
|
end
|
30
61
|
|
31
62
|
options
|
@@ -33,19 +64,10 @@ class ::Kitchen::Terraform::InSpecOptionsMapper
|
|
33
64
|
|
34
65
|
private
|
35
66
|
|
36
|
-
attr_accessor :
|
67
|
+
attr_accessor :system_attributes_to_options
|
37
68
|
|
38
69
|
# @api private
|
39
|
-
def initialize
|
40
|
-
self.
|
41
|
-
self.system_keys = system.keys
|
42
|
-
self.system_to_options = ::Hash.new do |hash, key|
|
43
|
-
hash.store key, key
|
44
|
-
end
|
45
|
-
system_to_options.store :reporter, "reporter"
|
46
|
-
self.options_keys = [:attrs, :backend, :backend_cache, :bastion_host, :bastion_port, :bastion_user, :controls,
|
47
|
-
:enable_password, :key_files, :password, :path, :port, :proxy_command, :reporter, :self_signed,
|
48
|
-
:shell, :shell_command, :shell_options, :show_progress, :ssl, :sudo, :sudo_command,
|
49
|
-
:sudo_options, :sudo_password, :user, :vendor_cache]
|
70
|
+
def initialize
|
71
|
+
self.system_attributes_to_options = ::Kitchen::Terraform::InSpecOptionsMapper::SYSTEM_ATTRIBUTES_TO_OPTIONS.dup
|
50
72
|
end
|
51
73
|
end
|
@@ -79,6 +79,8 @@ module Kitchen
|
|
79
79
|
include ::Kitchen::Terraform::Configurable
|
80
80
|
@api_version = 2
|
81
81
|
|
82
|
+
attr_reader :inputs, :outputs
|
83
|
+
|
82
84
|
# The verifier enumerates through each host of each system and verifies the associated InSpec controls.
|
83
85
|
#
|
84
86
|
# @example
|
@@ -89,8 +91,8 @@ module Kitchen
|
|
89
91
|
def call(_kitchen_state)
|
90
92
|
load_variables
|
91
93
|
verify_systems
|
92
|
-
if
|
93
|
-
raise ::Kitchen::ActionFailed,
|
94
|
+
if !error_messages.empty?
|
95
|
+
raise ::Kitchen::ActionFailed, error_messages.join("\n\n")
|
94
96
|
end
|
95
97
|
rescue ::Kitchen::Terraform::Error => error
|
96
98
|
raise ::Kitchen::ActionFailed, error.message
|
@@ -107,28 +109,32 @@ module Kitchen
|
|
107
109
|
|
108
110
|
private
|
109
111
|
|
112
|
+
attr_accessor :inspec_options_mapper, :error_messages
|
113
|
+
attr_writer :inputs, :outputs
|
114
|
+
|
110
115
|
def handle_error(message:)
|
111
116
|
if config_fail_fast
|
112
117
|
raise ::Kitchen::Terraform::Error, message
|
113
118
|
else
|
114
119
|
logger.error message
|
115
|
-
|
120
|
+
error_messages.push message
|
116
121
|
end
|
117
122
|
end
|
118
123
|
|
119
124
|
def load_variables
|
120
125
|
instance.driver.retrieve_outputs do |outputs:|
|
121
|
-
|
126
|
+
self.outputs.replace outputs
|
122
127
|
end.retrieve_inputs do |inputs:|
|
123
|
-
|
128
|
+
self.inputs.replace inputs
|
124
129
|
end
|
125
130
|
end
|
126
131
|
|
127
132
|
def initialize(configuration = {})
|
128
133
|
init_config configuration
|
129
|
-
|
130
|
-
|
131
|
-
|
134
|
+
self.inspec_options_mapper = ::Kitchen::Terraform::InSpecOptionsMapper.new
|
135
|
+
self.error_messages = []
|
136
|
+
self.inputs = {}
|
137
|
+
self.outputs = {}
|
132
138
|
end
|
133
139
|
|
134
140
|
# load_needed_dependencies! loads the InSpec libraries required to verify a Terraform state.
|
@@ -144,15 +150,14 @@ module Kitchen
|
|
144
150
|
end
|
145
151
|
|
146
152
|
def system_inspec_options(system:)
|
147
|
-
|
148
|
-
.map(options: { "color" => config_color, "distinct_exit" => false })
|
153
|
+
inspec_options_mapper.map(options: { "color" => config_color, "distinct_exit" => false }, system: system)
|
149
154
|
end
|
150
155
|
|
151
156
|
def verify(system:)
|
152
157
|
::Kitchen::Terraform::System.new(
|
153
158
|
mapping: { profile_locations: [::File.join(config.fetch(:test_base_path), instance.suite.name)] }
|
154
159
|
.merge(system),
|
155
|
-
).verify(inputs:
|
160
|
+
).verify(inputs: inputs, inspec_options: system_inspec_options(system: system), outputs: outputs)
|
156
161
|
rescue => error
|
157
162
|
handle_error message: error.message
|
158
163
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: kitchen-terraform
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 5.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aaron Lane
|
@@ -61,7 +61,7 @@ cert_chain:
|
|
61
61
|
XAjP/LERlXAwM+NCUycJw7BZMn7L2wIdnq6Le1rL6VJS17CZt2heuRtsF+3g0egR
|
62
62
|
x97GmUumeM67PGeVodlIV65tdXrdlqKlHcE=
|
63
63
|
-----END CERTIFICATE-----
|
64
|
-
date: 2019-
|
64
|
+
date: 2019-06-07 00:00:00.000000000 Z
|
65
65
|
dependencies:
|
66
66
|
- !ruby/object:Gem::Dependency
|
67
67
|
name: guard-bundler
|
@@ -288,89 +288,89 @@ dependencies:
|
|
288
288
|
- !ruby/object:Gem::Version
|
289
289
|
version: '0.9'
|
290
290
|
- !ruby/object:Gem::Dependency
|
291
|
-
name: dry-
|
291
|
+
name: dry-validation
|
292
292
|
requirement: !ruby/object:Gem::Requirement
|
293
293
|
requirements:
|
294
294
|
- - "~>"
|
295
295
|
- !ruby/object:Gem::Version
|
296
|
-
version: 0.
|
296
|
+
version: '0.13'
|
297
297
|
type: :runtime
|
298
298
|
prerelease: false
|
299
299
|
version_requirements: !ruby/object:Gem::Requirement
|
300
300
|
requirements:
|
301
301
|
- - "~>"
|
302
302
|
- !ruby/object:Gem::Version
|
303
|
-
version: 0.
|
303
|
+
version: '0.13'
|
304
304
|
- !ruby/object:Gem::Dependency
|
305
|
-
name:
|
305
|
+
name: inspec
|
306
306
|
requirement: !ruby/object:Gem::Requirement
|
307
307
|
requirements:
|
308
|
-
- -
|
308
|
+
- - "~>"
|
309
309
|
- !ruby/object:Gem::Version
|
310
|
-
version:
|
310
|
+
version: '4.0'
|
311
311
|
type: :runtime
|
312
312
|
prerelease: false
|
313
313
|
version_requirements: !ruby/object:Gem::Requirement
|
314
314
|
requirements:
|
315
|
-
- -
|
315
|
+
- - "~>"
|
316
316
|
- !ruby/object:Gem::Version
|
317
|
-
version:
|
317
|
+
version: '4.0'
|
318
318
|
- !ruby/object:Gem::Dependency
|
319
|
-
name:
|
319
|
+
name: json
|
320
320
|
requirement: !ruby/object:Gem::Requirement
|
321
321
|
requirements:
|
322
322
|
- - "~>"
|
323
323
|
- !ruby/object:Gem::Version
|
324
|
-
version: '
|
324
|
+
version: '2.2'
|
325
325
|
type: :runtime
|
326
326
|
prerelease: false
|
327
327
|
version_requirements: !ruby/object:Gem::Requirement
|
328
328
|
requirements:
|
329
329
|
- - "~>"
|
330
330
|
- !ruby/object:Gem::Version
|
331
|
-
version: '
|
331
|
+
version: '2.2'
|
332
332
|
- !ruby/object:Gem::Dependency
|
333
|
-
name:
|
333
|
+
name: mixlib-shellout
|
334
334
|
requirement: !ruby/object:Gem::Requirement
|
335
335
|
requirements:
|
336
336
|
- - "~>"
|
337
337
|
- !ruby/object:Gem::Version
|
338
|
-
version: 2.
|
338
|
+
version: '2.2'
|
339
339
|
type: :runtime
|
340
340
|
prerelease: false
|
341
341
|
version_requirements: !ruby/object:Gem::Requirement
|
342
342
|
requirements:
|
343
343
|
- - "~>"
|
344
344
|
- !ruby/object:Gem::Version
|
345
|
-
version: 2.
|
345
|
+
version: '2.2'
|
346
346
|
- !ruby/object:Gem::Dependency
|
347
|
-
name:
|
347
|
+
name: rbnacl
|
348
348
|
requirement: !ruby/object:Gem::Requirement
|
349
349
|
requirements:
|
350
350
|
- - "~>"
|
351
351
|
- !ruby/object:Gem::Version
|
352
|
-
version: '
|
352
|
+
version: '4.0'
|
353
353
|
type: :runtime
|
354
354
|
prerelease: false
|
355
355
|
version_requirements: !ruby/object:Gem::Requirement
|
356
356
|
requirements:
|
357
357
|
- - "~>"
|
358
358
|
- !ruby/object:Gem::Version
|
359
|
-
version: '
|
359
|
+
version: '4.0'
|
360
360
|
- !ruby/object:Gem::Dependency
|
361
361
|
name: test-kitchen
|
362
362
|
requirement: !ruby/object:Gem::Requirement
|
363
363
|
requirements:
|
364
364
|
- - "~>"
|
365
365
|
- !ruby/object:Gem::Version
|
366
|
-
version: '1
|
366
|
+
version: '2.1'
|
367
367
|
type: :runtime
|
368
368
|
prerelease: false
|
369
369
|
version_requirements: !ruby/object:Gem::Requirement
|
370
370
|
requirements:
|
371
371
|
- - "~>"
|
372
372
|
- !ruby/object:Gem::Version
|
373
|
-
version: '1
|
373
|
+
version: '2.1'
|
374
374
|
- !ruby/object:Gem::Dependency
|
375
375
|
name: tty-which
|
376
376
|
requirement: !ruby/object:Gem::Requirement
|
@@ -458,7 +458,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
458
458
|
requirements:
|
459
459
|
- - ">="
|
460
460
|
- !ruby/object:Gem::Version
|
461
|
-
version: '2.
|
461
|
+
version: '2.4'
|
462
462
|
- - "<"
|
463
463
|
- !ruby/object:Gem::Version
|
464
464
|
version: '2.7'
|
metadata.gz.sig
CHANGED
Binary file
|