serverspec 0.8.1 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ee32cc231c6c0c9b020ecea8e4d14b0001c94725
-  data.tar.gz: 57eda3e3a98b88e1b73bb58eb4e88fe672a6cec1
+  metadata.gz: af5097bb467c14c4f8d0f22747b6775ecf5d598a
+  data.tar.gz: fee035ec0e675c79cf74ef7367da9d2e028a7dbb
 SHA512:
-  metadata.gz: f5544d360701ab7a9ab655512291c77e6aed57d7ac5f1921433fe3d2d6408b942107d69a17484e6d5c1d8799c807a47a2b676edfcc4d4e2afb5ee443680b6c1a
-  data.tar.gz: 3cbbdbb771612ac3bca87a6c4f78d0396151553118ebaef9faa17fb5c1cd571828200e0cf063110543283dd5297d2e1be3c99c168d1ec3d8c996515bc58508cb
+  metadata.gz: ba213503e568d2c6bcb5a6f814f436508880546bf90bd43c39e5a944b7d6ada8ce9adbb36889e3024f3dafacb43106a382d7d89cb97eba9217b67694578c8295
+  data.tar.gz: c68841e54c3aa39773d997e330e612ddd74b619a9a93328461a362c326b26e1efea60e3f6d2582c52ab84f8a4ad97931941355c412a3a2baa82b5f51403025d4

data/.gitignore

@@ -3,6 +3,7 @@
 *.swp
 .bundle
 .rvmrc
+.versions.conf
 .config
 .yardoc
 .rspec
@@ -21,3 +22,4 @@ test/version_tmp
 tmp
 Vagrantfile
 vendor/
+.DS_Store

data/Rakefile

@@ -4,9 +4,9 @@ require 'rspec/core/rake_task'
 task :spec => 'spec:all'
 
 namespace :spec do
-  oses = %w( darwin debian gentoo redhat solaris solaris10 solaris11 smartos )
+  oses = %w( darwin debian gentoo redhat solaris solaris10 solaris11 smartos windows)
 
-  task :all => [ oses.map {|os| "spec:#{os}" }, :helpers, :exec, :ssh ].flatten
+  task :all => [ oses.map {|os| "spec:#{os}" }, :helpers, :exec, :ssh, :cmd, :winrm, :powershell ].flatten
 
   oses.each do |os|
     RSpec::Core::RakeTask.new(os.to_sym) do |t|
@@ -18,11 +18,9 @@ namespace :spec do
     t.pattern = "spec/helpers/*_spec.rb"
   end
 
-  RSpec::Core::RakeTask.new(:exec) do |t|
-    t.pattern = "spec/backend/exec/*_spec.rb"
-  end
-
-  RSpec::Core::RakeTask.new(:ssh) do |t|
-    t.pattern = "spec/backend/ssh/*_spec.rb"
+  [:exec, :ssh, :cmd, :winrm, :powershell].each do |backend|
+    RSpec::Core::RakeTask.new(backend) do |t|
+      t.pattern = "spec/backend/#{backend.to_s}/*_spec.rb"
+    end
   end
 end

data/WindowsSupport.md

@@ -0,0 +1,88 @@
+## Windows support
+
+Serverspec is now providing a limited support for Microsoft Windows.
+
+If you want to test Windows based machines you need to set the target host's OS explicitly in your `spec/spec_helper.rb`
+
+For local testing (equivalent to the Exec option in Linux/Unix systems) simply do:
+
+```ruby
+require 'serverspec'
+
+include Serverspec::Helper::Cmd
+include Serverspec::Helper::Windows
+
+```
+
+For remote testing you have to configure Windows Remote Management in order to communicate to the target host:
+
+```ruby
+require 'serverspec'
+require 'winrm'
+
+include Serverspec::Helper::WinRM
+include Serverspec::Helper::Windows
+
+RSpec.configure do |c|
+  user = <username>
+  pass = <password>
+  endpoint = "http://<hostname>:5985/wsman"
+  
+  c.winrm = ::WinRM::WinRMWebService.new(endpoint, :ssl, :user => user, :pass => pass, :basic_auth_only => true)
+  c.winrm.set_timeout 300 # 5 minutes max timeout for any operation
+end
+```
+
+For different authentication mechanisms check the Microsoft WinRM documentation and verify the ones that are supported by [WinRb/WinRM](https://github.com/WinRb/WinRM)
+
+
+###RSpec Examples for windows target hosts
+```ruby
+describe file('c:/windows') do
+  it { should be_directory }
+  it { should be_readable }
+  it { should_not be_writable.by('Everyone') }
+end
+
+describe file('c:/temp/test.txt') do
+  it { should be_file }
+  it { should contain "some text" }
+end
+
+describe package('Adobe AIR') do
+  it { should be_installed}
+end
+
+describe service('DNS Client') do
+  it { should be_enabled }
+  it { should be_running }
+end
+
+describe port(139) do
+  it { should be_listening }
+end
+
+describe user('some.admin') do
+  it { should exist }
+  it { should belong_to_group('Administrators')}
+end
+
+describe group('Guests') do
+  it { should exist }
+end
+
+describe group('MYDOMAIN\Domain Users') do
+  it { should exist }
+end
+
+describe windows_registry_key('HKEY_USERS\S-1-5-21-1319311448-2088773778-316617838-32407\Test MyKey') do
+  it { should exist }
+  it { should have_property('string value') }
+  it { should have_property('binary value', :type_binary) }
+  it { should have_property('dword value', :type_dword) }
+  it { should have_value('test default data') }
+  it { should have_property_value('multistring value', :type_multistring, "test\nmulti\nstring\ndata") }
+  it { should have_property_value('qword value', :type_qword, 'adff32') }
+  it { should have_property_value('binary value', :type_binary, 'dfa0f066') }
+end
+```

data/bin/serverspec-init

@@ -5,3 +5,78 @@ $LOAD_PATH.unshift File.join(File.dirname(__FILE__), *%w[.. lib])
 require 'serverspec'
 
 Serverspec::Setup.run
+
+__END__
+require 'serverspec'
+<% if @os_type == 'UN*X' -%>
+require 'pathname'
+<% end -%>
+<% if @backend_type == 'Ssh' -%>
+require 'net/ssh'
+<% end -%>
+<% if @backend_type == 'WinRM' -%>
+require 'winrm'
+<% end -%>
+
+include Serverspec::Helper::<%= @backend_type %>
+<% if @os_type == 'UN*X' -%>
+include Serverspec::Helper::DetectOS
+<% else  -%>
+include Serverspec::Helper::Windows
+<% end -%>
+
+<% if @os_type == 'UN*X' -%>
+RSpec.configure do |c|
+  if ENV['ASK_SUDO_PASSWORD']
+    require 'highline/import'
+    c.sudo_password = ask("Enter sudo password: ") { |q| q.echo = false }
+  else
+    c.sudo_password = ENV['SUDO_PASSWORD']
+  end
+  <%- if @backend_type == 'Ssh' -%>
+  c.before :all do
+    block = self.class.metadata[:example_group_block]
+    if RUBY_VERSION.start_with?('1.8')
+      file = block.to_s.match(/.*@(.*):[0-9]+>/)[1]
+    else
+      file = block.source_location.first
+    end
+    host  = File.basename(Pathname.new(file).dirname)
+    if c.host != host
+      c.ssh.close if c.ssh
+      c.host  = host
+      options = Net::SSH::Config.for(c.host)
+      user    = options[:user] || Etc.getlogin
+    <%- if @vagrant -%>
+      vagrant_up = `vagrant up #{@hostname}`
+      config = `vagrant ssh-config #{@hostname}`
+      if config != ''
+        config.each_line do |line|
+          if match = /HostName (.*)/.match(line)
+            c.host = match[1]
+          elsif  match = /User (.*)/.match(line)
+            user = match[1]
+          elsif match = /IdentityFile (.*)/.match(line)
+            options[:keys] =  [match[1].gsub(/\"/,'')]
+          elsif match = /Port (.*)/.match(line)
+            options[:port] = match[1]
+          end
+        end
+      end
+    <%- end -%>
+      c.ssh   = Net::SSH.start(c.host, user, options)
+    end
+  end
+  <%- end -%>
+end
+<% end -%>
+<% if @backend_type == 'WinRM'-%>
+RSpec.configure do |c|
+  user = <username>
+  pass = <password>
+  endpoint = "http://<hostname>:5985/wsman"
+
+  c.winrm = ::WinRM::WinRMWebService.new(endpoint, :ssl, :user => user, :pass => pass, :basic_auth_only => true)
+  c.winrm.set_timeout 300 # 5 minutes max timeout for any operation
+end
+<% end -%>

data/lib/serverspec/backend/base.rb

@@ -0,0 +1,31 @@
+require 'singleton'
+
+module Serverspec
+  module Backend
+    class Base
+      include Singleton
+
+      def set_commands(c)
+        @commands = c
+      end
+
+      def set_example(e)
+        @example = e
+      end
+
+      def commands
+        @commands
+      end
+      
+      def check_zero(cmd, *args)
+        ret = run_command(commands.send(cmd, *args))
+        ret[:exit_status] == 0
+      end
+
+      # Default action is to call check_zero with args
+      def method_missing(meth, *args, &block)
+        check_zero(meth, *args)
+      end
+    end
+  end
+end

data/lib/serverspec/backend/cmd.rb

@@ -0,0 +1,35 @@
+require 'open3'
+
+module Serverspec
+  module Backend
+    class Cmd < Base
+      include PowerShell::ScriptHelper
+
+      def run_command(cmd, opts={})
+        script = create_script(cmd)
+        result = execute_script script
+
+        if @example
+          @example.metadata[:command] = script
+          @example.metadata[:stdout]  = result[:stdout] + result[:stderr]
+        end
+        { :stdout => result[:stdout], :stderr => result[:stderr],
+          :exit_status => result[:status], :exit_signal => nil }
+      end
+
+      def execute_script script
+        ps_script = %Q{powershell -encodedCommand #{encode_script(script)}}
+        if Open3.respond_to? :capture3
+          stdout, stderr, status = Open3.capture3(ps_script)
+          # powershell still exits with 0 even if there are syntax errors, although it spits the error out into stderr
+          # so we have to resort to return an error exit code if there is anything in the standard error
+          status = 1 if status == 0 and !stderr.empty?
+          { :stdout => stdout, :stderr => stderr, :status => status }
+        else
+          stdout = `#{ps_script} 2>&1`
+          { :stdout => stdout, :stderr => nil, :status => $? }
+        end
+      end
+    end
+  end
+end

data/lib/serverspec/backend/exec.rb

@@ -2,20 +2,7 @@ require 'singleton'
 
 module Serverspec
   module Backend
-    class Exec
-      include Singleton
-
-      def set_commands(c)
-        @commands = c
-      end
-
-      def set_example(e)
-        @example = e
-      end
-
-      def commands
-        @commands
-      end
+    class Exec < Base
 
       def run_command(cmd, opts={})
         cmd = build_command(cmd)
@@ -52,16 +39,6 @@ module Serverspec
         cmd
       end
 
-      def check_zero(cmd, *args)
-        ret = run_command(commands.send(cmd, *args))
-        ret[:exit_status] == 0
-      end
-
-      # Default action is to call check_zero with args
-      def method_missing(meth, *args, &block)
-        check_zero(meth, *args)
-      end
-
       def check_running(process)
         ret = run_command(commands.check_running(process))
         if ret[:exit_status] == 1 || ret[:stdout] =~ /stopped/

data/lib/serverspec/backend/powershell/command.rb

@@ -0,0 +1,36 @@
+module Serverspec
+  module Backend
+    module PowerShell
+      class Command
+        attr_reader :import_functions, :script
+        def initialize &block
+          @import_functions = []
+          @script = ""
+          instance_eval &block if block_given?
+        end
+
+        def using *functions
+          functions.each { |f| import_functions << f }
+        end
+
+        def exec code
+          @script = code
+        end
+
+        def convert_regexp(target)
+          case target
+          when Regexp
+            target.source
+          else
+            target.to_s.gsub '/', ''
+          end
+        end
+
+        def get_identity id
+          raise "You must provide a specific Windows user/group" if id =~ /(owner|group|others)/
+          identity = id || 'Everyone'
+        end
+      end
+    end
+  end
+end

data/lib/serverspec/backend/powershell/script_helper.rb

@@ -0,0 +1,69 @@
+require 'base64'
+
+module Serverspec
+  module Backend
+    module PowerShell
+      module ScriptHelper
+        def build_command(cmd)
+          path = Serverspec.configuration.path || RSpec.configuration.path
+          if path
+            cmd.strip!
+            cmd = 
+<<-EOF
+$env:path = "#{path};$env:path"
+#{cmd}
+EOF
+          end
+          cmd
+        end
+
+        def add_pre_command(cmd)
+          path = Serverspec.configuration.path || RSpec.configuration.path
+          if Serverspec.configuration.pre_command
+            cmd.strip!
+            cmd = 
+<<-EOF
+if (#{Serverspec.configuration.pre_command})
+{
+#{cmd}
+}
+EOF
+            cmd = "$env:path = \"#{path};$env:path\"\n#{cmd}" if path
+          end
+          cmd
+        end
+
+        def encode_script script
+          script_text = script.chars.to_a.join("\x00").chomp
+          script_text << "\x00" unless script_text[-1].eql? "\x00"
+          if script_text.respond_to?(:encode)
+            script_text = script_text.encode('ASCII-8BIT')
+          end
+          if Base64.respond_to?(:strict_encode64)
+            Base64.strict_encode64(script_text)
+          else
+            [ script_text ].pack("m").strip
+          end
+        end
+
+        def create_script command
+          script = build_command(command.script)
+          script = add_pre_command(script)
+          ps_functions = command.import_functions.map { |f| File.read(File.join(File.dirname(__FILE__), 'support', f)) }
+        <<-EOF
+$exitCode = 1
+try {
+  #{ps_functions.join("\n")}
+  $success = (#{script})
+  if ($success -is [Boolean] -and $success) { $exitCode = 0 }
+} catch {
+  Write-Output $_.Exception.Message
+}
+Write-Output "Exiting with code: $exitCode"
+exit $exitCode
+          EOF
+        end
+      end
+    end
+  end
+end

data/lib/serverspec/backend/powershell/support/check_file_access_rules.ps1

@@ -0,0 +1,12 @@
+function CheckFileAccessRules
+{
+  param($path, $identity, $rules)
+  
+  $result = $false
+  $accessRules = (Get-Acl $path).access | Where-Object {$_.AccessControlType -eq 'Allow' -and $_.IdentityReference -eq $identity }
+  if ($accessRules) {
+    $match = $accessRules.FileSystemRights.ToString() -Split (', ') | ?{$rules -contains $_}
+    $result = $match -ne $null -or $match.length -gt 0
+  }
+  $result
+}

data/lib/serverspec/backend/powershell/support/crop_text.ps1

@@ -0,0 +1,11 @@
+function CropText
+{
+  param($text, $fromPattern, $toPattern)
+  
+  $from, $to = ([regex]::matches($text, $fromPattern)), ([regex]::matches($text, $toPattern))
+  if ($from.count -gt 0 -and $to.count -gt 0) {
+    $text.substring($from[0].index, $to[0].index + $to[0].length - $from[0].index)
+  } else {
+    ""
+  }
+}

data/lib/serverspec/backend/powershell/support/find_group.ps1

@@ -0,0 +1,8 @@
+function FindGroup
+{
+  param($groupName, $domain)
+  if ($domain -eq $null) {$selectionCriteria = " and LocalAccount = true"}
+  else {$selectionCriteria = " and Domain = '$domain'"}
+
+  Get-WmiObject Win32_Group -filter "Name = '$groupName' $selectionCriteria"
+}

data/lib/serverspec/backend/powershell/support/find_installed_application.ps1

@@ -0,0 +1,7 @@
+function FindInstalledApplication
+{
+  param($appName, $appVersion)
+  $selectionCriteria = "(Name like '$appName' or PackageName like '$appName') and InstallState = 5"
+  if ($appVersion -ne $null) { $selectionCriteria += " and version = '$appVersion'"}
+  Get-WmiObject Win32_Product -filter $selectionCriteria
+}

data/lib/serverspec/backend/powershell/support/find_service.ps1

@@ -0,0 +1,5 @@
+function FindService
+{
+  param($name)
+  Get-WmiObject Win32_Service | Where-Object {$_.serviceName -eq $name -or $_.displayName -eq $name}
+}

data/lib/serverspec/backend/powershell/support/find_user.ps1

@@ -0,0 +1,8 @@
+function FindUser
+{
+  param($userName, $domain)
+  if ($domain -eq $null) {$selectionCriteria = " and LocalAccount = true"}
+  else {$selectionCriteria = " and Domain = '$domain'"}
+
+  Get-WmiObject Win32_UserAccount -filter "Name = '$userName' $selectionCriteria"
+}

data/lib/serverspec/backend/powershell/support/find_usergroup.ps1

@@ -0,0 +1,9 @@
+function FindUserGroup
+{
+  param($userName, $groupName, $userDomain, $groupDomain)
+  $user = FindUser -userName $userName -domain $userDomain
+  $group = FindGroup -groupName $groupName -domain $groupDomain
+  if ($user -and $group) {
+    Get-WmiObject Win32_GroupUser -filter ("GroupComponent = 'Win32_Group.Domain=`"" + $group.domain + "`",Name=`"" + $group.name + "`"' and PartComponent = 'Win32_UserAccount.Domain=`"" + $user.domain + "`",Name=`"" + $user.name + "`"'")
+  }
+}

data/lib/serverspec/backend/powershell/support/is_port_listening.ps1

@@ -0,0 +1,13 @@
+function IsPortListening
+{
+  param($portNumber, $protocol)
+  $netstatOutput = netstat -an | Out-String
+  $networkIPs = (Get-WmiObject Win32_NetworkAdapterConfiguration | ? {$_.IPEnabled}) | %{ $_.IPAddress[0] }
+  foreach ($ipaddress in $networkIPs)
+  {
+    $matchExpression = ("$ipaddress" + ":" + $portNumber)
+    if ($protocol) { $matchExpression = ($protocol.toUpper() + "\s+$matchExpression") }    
+    if ($netstatOutput -match $matchExpression) { return $true }
+  }
+  $false
+}

data/lib/serverspec/backend/winrm.rb

@@ -0,0 +1,26 @@
+module Serverspec
+  module Backend
+    class WinRM < Base
+      include PowerShell::ScriptHelper
+
+      def run_command(cmd, opts={})
+        script = create_script(cmd)
+        winrm = RSpec.configuration.winrm
+
+        result = winrm.powershell(script)
+        stdout, stderr = [:stdout, :stderr].map do |s|
+          result[:data].select {|item| item.key? s}.map {|item| item[s]}.join
+        end
+        result[:exitcode] = 1 if result[:exitcode] == 0 and !stderr.empty?
+
+        if @example
+          @example.metadata[:command] = script
+          @example.metadata[:stdout]  = stdout + stderr
+        end
+
+        { :stdout => stdout, :stderr => stderr,
+          :exit_status => result[:exitcode], :exit_signal => nil }
+      end
+    end
+  end
+end

data/lib/serverspec/backend.rb

@@ -1,2 +1,7 @@
+require 'serverspec/backend/base'
 require 'serverspec/backend/ssh'
 require 'serverspec/backend/exec'
+require 'serverspec/backend/powershell/script_helper'
+require 'serverspec/backend/powershell/command'
+require 'serverspec/backend/cmd'
+require 'serverspec/backend/winrm'