serverspec-extra-types 0.3.3 → 0.4.0

data/lib/serverspec_extra_types/types/curl.rb

@@ -44,8 +44,12 @@ module Serverspec::Type
 
     private
 
+    def extra_args
+      "-w \"#{output_format}\""
+    end
+
     def get_inspection
-      command = "curl -s  -w \"#{output_format}\" #{url} #{@insecure ? '-k' : ''} #{@redirects ? '-L' : ''}"
+      command = curl_command
       unless @get_inspection
         (body, rest) = @runner.run_command(command).stdout.split('!!SS_URL_YAML!!')
         result = YAML.safe_load(rest).each_with_object({}) { |(k, v), memo| memo[k.to_sym] = v; }

data/lib/serverspec_extra_types/types/docker_config.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require 'base64'
+module Serverspec::Type
+  class DockerConfig < DockerBase
+    def exist?
+      get_inspection.success?
+    end
+
+    def has_data?(data)
+      self.data == data
+    end
+
+    def data
+      @data ||= Base64.decode64(data64)
+    end
+
+    def has_data64?(data)
+      self.data64 == data
+    end
+
+    def data64
+      inspection['Spec']['Data']
+    end
+
+    def labels
+      inspection['Spec']['Labels']
+    end
+
+    def has_label?(label, value = nil)
+      if value
+        label(label)[1] == value
+      else
+        label(label)
+      end
+    end
+
+    def label(label)
+      labels.find { |key, _val| key == label }
+    end
+
+    def has_name?(name)
+      self.name == name
+    end
+
+    def name
+      inspection['Spec']['Name']
+    end
+
+    private
+
+    def get_inspection
+      @get_inspection ||= @runner.run_command("docker config inspect #{@name}")
+    end
+  end
+end

data/lib/serverspec_extra_types/types/docker_network.rb

@@ -3,8 +3,9 @@
 require 'serverspec'
 
 module Serverspec::Type
-  # This class  monkey patches serverspec's docker container type with some more method to be used in matchers
+
   class DockerNetwork < DockerBase
+
     def name
       inspection['Name']
     end
@@ -13,6 +14,78 @@ module Serverspec::Type
       inspection['Id']
     end
 
+    def has_scope?(scope)
+      self.scope == scope
+    end
+
+    def scope
+      inspection['Scope']
+    end
+
+    def local_scoped?
+      scope == 'local'
+    end
+
+    def swarm_scoped?
+      scope == 'swarm'
+    end
+
+    def attachable?
+      inspection['Scope']
+    end
+
+    def overlay?
+      self.has_driver? 'overlay'
+    end
+
+    def bridge?
+      self.has_driver? 'bridge'
+    end
+
+    def driver
+      inspection['Driver']
+    end
+
+    def has_driver?(driver)
+      self.driver == driver
+    end
+
+    def has_label?(label, value = nil)
+      if value
+        label(label)[1] == value
+      else
+        label(label)
+      end
+    end
+
+    def label(label)
+      labels.find { |key, _val| key == label }
+    end
+
+    def labels
+      inspection['Labels']
+    end
+
+    def IPv6_enabled?
+      inspection['EnableIPv6']
+    end
+
+    def internal?
+      inspection['Internal']
+    end
+
+    def external?
+      !inspection['Internal']
+    end
+
+    def ingress?
+      inspection['Ingress']
+    end
+
+    def exist?
+      get_inspection.success?
+    end
+
     private
 
     def get_inspection

data/lib/serverspec_extra_types/types/docker_node.rb

@@ -6,6 +6,15 @@ module Serverspec::Type
       availability == 'active'
     end
 
+    def draining?
+      availability == 'drain'
+    end
+
+    def paused?
+      availability == 'pause'
+    end
+
+
     def availability
       inspection['Spec']['Availability']
     end
@@ -34,6 +43,9 @@ module Serverspec::Type
       inspection['Description']['Engine']['EngineVersion']
     end
 
+    def exist?
+      get_inspection.success?
+    end
     private
 
     def get_inspection

data/lib/serverspec_extra_types/types/docker_secret.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+require 'base64'
+module Serverspec::Type
+  class DockerSecret < DockerBase
+    def exist?
+      get_inspection.success?
+    end
+
+    def has_data?(data)
+      self.data == data
+    end
+
+    def data
+      @data ||= Base64.decode64(data64)
+    end
+
+    def has_data64?(data)
+      self.data64 == data
+    end
+
+
+    def data64
+      inspection['Spec']['Data']
+    end
+
+    def labels
+      inspection['Spec']['Labels']
+    end
+
+    def has_label?(label, value = nil)
+      if value
+        label(label)[1] == value
+      else
+        label(label)
+      end
+    end
+
+    def label(label)
+      labels.find { |key, _val| key == label }
+    end
+
+    def has_name?(name)
+      self.name == name
+    end
+
+    def name
+      inspection['Spec']['Name']
+    end
+
+    private
+
+    def get_inspection
+      @get_inspection ||= @runner.run_command("docker secret inspect #{@name}")
+    end
+  end
+end

data/lib/serverspec_extra_types/types/rabbitmq_base.rb

@@ -29,10 +29,16 @@ module Serverspec::Type
       end
     end
 
+
+
     private
 
+    def extra_args
+      "-u #{@user}:#{@password}"
+    end
+
     def get_inspection
-      command = "curl -s -u #{@user}:#{@password} #{url}"
+      command = curl_command
       @get_inspection ||= @runner.run_command(command)
     end
   end

data/lib/serverspec_extra_types/types/rabbitmq_node_list.rb

@@ -5,7 +5,11 @@ require 'serverspec_extra_types/types/rabbitmq_base'
 module Serverspec::Type
   class RabbitmqNodeList < RabbitmqBase
     def url
-      "#{@url_base}/api/vhosts"
+      "#{@url_base}/api/nodes"
+    end
+
+    def to_s
+      "RabbitMQ node list"
     end
 
     def inspection

data/lib/serverspec_extra_types/types/rabbitmq_vhost_list.rb

@@ -8,6 +8,10 @@ module Serverspec::Type
       inspection.find { |str| str['name'] == vhost }
     end
 
+    def to_s
+      "RabbitMQ VHosts List"
+    end
+
     def url
       "#{@url_base}/api/vhosts"
     end

data/lib/serverspec_extra_types/types/sudo_user.rb

@@ -0,0 +1,90 @@
+require 'serverspec'
+require 'serverspec/type/base'
+require 'multi_json'
+require 'serverspec_extra_types/helpers/properties'
+
+module Serverspec::Type
+  class SudoUser < Base
+
+    def initialize(name)
+      super
+      @user = name
+    end
+
+    def exist?
+      if get_inspection.success? && /User #{@user} may run the following commands/.match(@get_inspection.stdout)
+        true
+      else
+        false
+      end
+    end
+
+
+
+    def allowed_to_run_command?(command, user = nil, checkpw = false)
+      perm = permission(command)
+      if user
+        if checkpw
+          perm[:user] == user && perm[:nopasswd]
+        else
+          perm[:user] == user
+        end
+      else
+        checkpw ? perm && perm[:nopasswd] : perm
+      end
+    end
+
+
+
+    def permission(command)
+      permissions.find {|x| x[:command] == command}
+    end
+
+    def permissions
+      inspection[:permissions]
+    end
+
+    def has_sudo_disabled?
+      /User #{@user} is not allowed to run sudo/.match(@get_inspection.stdout)
+    end
+
+    def inspection
+      @inspection ||= get_sudo_perms(get_inspection.stdout)
+    end
+
+
+    private
+    def get_inspection
+      @get_inspection ||= @runner.run_command("sudo -l -U #{@user}")
+    end
+
+    def chunk_permission(perm)
+      chunks = {}
+      parts = perm.sub(' : ', ':').split(/\s+/).reject{ |x| x == '' || x == "\n"}
+      user = parts[0].sub('(', '').sub(')', '')
+      if user.include?(':')
+        chunks[:user] = user.split(':')[0]
+        chunks[:group] = user.split(':')[1]
+      else
+        chunks[:user] = user
+      end
+      if /NOPASSWD:/.match perm
+        chunks[:nopasswd] = true
+        chunks[:command] = parts[2..-1].join(" ")
+      else
+        chunks[:nopasswd] = false
+        chunks[:command] = parts[1..-1].join(' ')
+      end
+      chunks
+    end
+
+    def get_sudo_perms(output)
+      matches = /Matching Defaults entries for #{@user} on .*\n(.*)\n/.match output
+      defaults = matches[1].split(', ').map(&:strip)
+      matches = (/User #{@user} may run the following commands on .*\n((\W.*\n)*)/).match output
+
+      permissions = matches[1].split("\n").map{ |x| chunk_permission(x.strip) }
+      { defaults: defaults, permissions: permissions }
+    end
+  end
+end

data/lib/serverspec_extra_types/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ServerspecExtraTypes
-  VERSION = '0.3.3'
+  VERSION = '0.4.0'
 end

data/properties.yml

@@ -2,17 +2,31 @@
 
 options:
   # Stop the test on the first failure (default: true)
-  fail_on_err: true
+  fail_on_err: false
   # Specify output format defaults is docs_screen multiple formatters can be specified
-  formaters:
+  formatters:
      - tick
 
 targets:
   # Run tests against a vagrant file
-  docker:
-    backend: vagrant
-    vagrant_dir: spec/vagrant
-    spec_type: docker
+  container:
+    backend: exec
+    spec_type: docker_container
+
+  service:
+    backend: exec
+    spec_type: docker_service
+
+
+  node:
+    backend: exec
+    spec_type: docker_node
+
+  network:
+    backend: exec
+    spec_type: docker_network
+
+
 
   rabbitmq:
     backend: exec
@@ -20,4 +34,28 @@ targets:
 
   consul:
     backend: exec
-    spec_type: consul
+    spec_type: consul
+
+
+  curl:
+    backend: exec
+    spec_type: curl
+
+  secret:
+    backend: exec
+    spec_type: docker_secret
+
+  config:
+    backend: exec
+    spec_type: docker_config
+
+  sudo:
+    backend: docker
+    docker_build_dir: spec/resources
+    spec_type: sudo
+
+
+  sudo_user:
+    backend: docker
+    docker_build_dir: spec/resources
+    spec_type: sudo_user