simp-beaker-helpers 1.11.2 → 1.11.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: b6e130fce3d3a8eee72398b70815453331916db8
|
4
|
+
data.tar.gz: a1b92623b2bae26cccf0c3563c143c71b46655ea
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8526d0b9b7210537e2e9f2646e169d42befa0ce290072d54a60652ff106ad761ca8e34baeb0c594ca8edba944ea92d7ceb73a2ce5641eced574d77f5079112ce
|
7
|
+
data.tar.gz: af086c7b60267bdbfc730caa535ca1d04fd7e05dd05827ca028a2a4b303be0bfbc3e6be7894ff4cec9349a051d1e98b464b81158368e7bea8ce1da0b26a9b71f
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,8 @@
|
|
1
|
+
### 1.11.3 / 2018-10-22
|
2
|
+
* Made the inspec report less confusing overall by noting where checks are
|
3
|
+
overridden
|
4
|
+
* Fix errors in the previous ssh key copy
|
5
|
+
|
1
6
|
### 1.11.2 / 2018-10-11
|
2
7
|
* Copy ssh keys in home directories to simp standard '/etc/ssh/local_keys/'
|
3
8
|
to avoid error when certain simp puppet modules are applied
|
@@ -1,8 +1,9 @@
|
|
1
1
|
module Simp::BeakerHelpers
|
2
|
-
|
3
2
|
# Helpers for working with Inspec
|
4
3
|
class Inspec
|
5
4
|
|
5
|
+
require 'json'
|
6
|
+
|
6
7
|
attr_reader :profile
|
7
8
|
attr_reader :profile_dir
|
8
9
|
attr_reader :deps_root
|
@@ -131,10 +132,19 @@ module Simp::BeakerHelpers
|
|
131
132
|
HighLine.colorize_strings
|
132
133
|
|
133
134
|
stats = {
|
134
|
-
|
135
|
-
:failed
|
136
|
-
:
|
137
|
-
:
|
135
|
+
# Legacy metrics counters for backwards compatibility
|
136
|
+
:failed => 0,
|
137
|
+
:passed => 0,
|
138
|
+
:skipped => 0,
|
139
|
+
:overridden => 0,
|
140
|
+
# End legacy stuff
|
141
|
+
:global => {
|
142
|
+
:failed => [],
|
143
|
+
:passed => [],
|
144
|
+
:skipped => [],
|
145
|
+
:overridden => []
|
146
|
+
},
|
147
|
+
:profiles => {}
|
138
148
|
}
|
139
149
|
|
140
150
|
if results.is_a?(String)
|
@@ -154,64 +164,104 @@ module Simp::BeakerHelpers
|
|
154
164
|
end
|
155
165
|
|
156
166
|
profiles.each do |profile|
|
157
|
-
|
167
|
+
profile_name = profile['name']
|
168
|
+
|
169
|
+
next unless profile_name
|
170
|
+
|
171
|
+
stats[:profiles][profile_name] = {
|
172
|
+
:controls => {}
|
173
|
+
}
|
158
174
|
|
159
175
|
profile['controls'].each do |control|
|
160
176
|
title = control['title']
|
161
177
|
|
162
|
-
# Skip auto-generated material
|
163
178
|
next unless title
|
164
179
|
|
165
|
-
|
166
|
-
title = title[0..71] + '(...)'
|
167
|
-
end
|
180
|
+
stats[:profiles][profile_name][:controls][title] = {}
|
168
181
|
|
169
|
-
|
182
|
+
formatted_title = title.scan(/.{1,72}\W|.{1,72}/).map(&:strip).join("\n ")
|
170
183
|
|
171
|
-
stats[:
|
172
|
-
unless title_chunks.empty?
|
173
|
-
title_chunks.map!{|x| x = " #{x}"}
|
174
|
-
stats[:report] << title_chunks.join("\n")
|
175
|
-
end
|
184
|
+
stats[:profiles][profile_name][:controls][title][:formatted_title] = formatted_title
|
176
185
|
|
177
186
|
if control['results'] && !control['results'].empty?
|
178
187
|
status = control['results'].first['status']
|
188
|
+
|
189
|
+
if status == /^fail/
|
190
|
+
status = :failed
|
191
|
+
else
|
192
|
+
status = :passed
|
193
|
+
end
|
179
194
|
else
|
180
|
-
status =
|
195
|
+
status = :skipped
|
181
196
|
end
|
182
197
|
|
183
|
-
|
184
|
-
if status == 'skipped'
|
185
|
-
stats[:skipped] += 1
|
186
|
-
|
187
|
-
stats[:report] << status_str + status.yellow
|
188
|
-
stats[:report] << " File: #{control['source_location']['ref']}"
|
189
|
-
elsif status =~ /^fail/
|
190
|
-
stats[:failed] += 1
|
198
|
+
stats[:global][status] << title
|
191
199
|
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
200
|
+
stats[:profiles][profile_name][:controls][title][:status] = status
|
201
|
+
stats[:profiles][profile_name][:controls][title][:source] = control['source_location']['ref']
|
202
|
+
end
|
203
|
+
end
|
196
204
|
|
197
|
-
|
198
|
-
|
205
|
+
valid_checks = stats[:global][:failed] + stats[:global][:passed]
|
206
|
+
stats[:global][:skipped].dup.each do |skipped|
|
207
|
+
if valid_checks.include?(skipped)
|
208
|
+
stats[:global][:overridden] << skipped
|
209
|
+
stats[:global][:skipped].delete(skipped)
|
199
210
|
end
|
211
|
+
end
|
212
|
+
|
213
|
+
status_colors = {
|
214
|
+
:failed => 'red',
|
215
|
+
:passed => 'green',
|
216
|
+
:skipped => 'yellow',
|
217
|
+
:overridden => 'white'
|
218
|
+
}
|
219
|
+
|
220
|
+
report = []
|
221
|
+
|
222
|
+
stats[:profiles].keys.each do |profile|
|
223
|
+
report << "Profile: #{profile}"
|
200
224
|
|
201
|
-
stats[:
|
202
|
-
|
203
|
-
stats[:report] << " * Failed: #{stats[:failed].to_s.red}"
|
204
|
-
stats[:report] << " * Skipped: #{stats[:skipped].to_s.yellow}"
|
225
|
+
stats[:profiles][profile][:controls].each do |control|
|
226
|
+
control_info = control.last
|
205
227
|
|
206
|
-
|
207
|
-
|
208
|
-
|
228
|
+
report << "\n Control: #{control_info[:formatted_title]}"
|
229
|
+
|
230
|
+
if control_info[:status] == :skipped && stats[:global][:overridden].include?(control.first)
|
231
|
+
control_info[:status] = :overridden
|
232
|
+
end
|
233
|
+
|
234
|
+
report << " Status: #{control_info[:status].to_s.send(status_colors[control_info[:status]])}"
|
235
|
+
report << " File: #{control_info[:source]}" if control_info[:source]
|
209
236
|
end
|
210
237
|
|
211
|
-
|
238
|
+
report << "\n"
|
212
239
|
end
|
213
240
|
|
214
|
-
stats[:
|
241
|
+
num_passed = stats[:global][:passed].count
|
242
|
+
num_failed = stats[:global][:failed].count
|
243
|
+
num_skipped = stats[:global][:skipped].count
|
244
|
+
num_overridden = stats[:global][:overridden].count
|
245
|
+
|
246
|
+
# Backwards compat values
|
247
|
+
stats[:passed] = num_passed
|
248
|
+
stats[:failed] = num_failed
|
249
|
+
stats[:skipped] = num_skipped
|
250
|
+
stats[:overridden] = num_overridden
|
251
|
+
|
252
|
+
report << "Statistics:"
|
253
|
+
report << " * Passed: #{num_passed.to_s.green}"
|
254
|
+
report << " * Failed: #{num_failed.to_s.red}"
|
255
|
+
report << " * Skipped: #{num_skipped.to_s.yellow}"
|
256
|
+
|
257
|
+
score = 0
|
258
|
+
if (stats[:global][:passed].count + stats[:global][:failed].count) > 0
|
259
|
+
score = ((stats[:global][:passed].count.to_f/(stats[:global][:passed].count + stats[:global][:failed].count)) * 100.0).round(0)
|
260
|
+
end
|
261
|
+
|
262
|
+
report << "\n Score: #{score}%"
|
263
|
+
|
264
|
+
stats[:report] = report.join("\n")
|
215
265
|
|
216
266
|
return stats
|
217
267
|
end
|
data/lib/simp/beaker_helpers.rb
CHANGED
@@ -365,14 +365,38 @@ module Simp::BeakerHelpers
|
|
365
365
|
on sut, 'puppet resource group puppet gid=52'
|
366
366
|
on sut, 'puppet resource user puppet comment="Puppet" gid="52" uid="52" home="/var/lib/puppet" managehome=true'
|
367
367
|
|
368
|
-
#
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
368
|
+
# This may not exist in docker so just skip the whole thing
|
369
|
+
if sut.file_exist?('/etc/ssh')
|
370
|
+
# SIMP uses a central ssh key location so we prep that spot in case we
|
371
|
+
# flip to the SIMP SSH module.
|
372
|
+
on(sut, 'mkdir -p /etc/ssh/local_keys')
|
373
|
+
on(sut, 'chown -R root:root /etc/ssh/local_keys')
|
374
|
+
on(sut, 'chmod 755 /etc/ssh/local_keys')
|
375
|
+
|
376
|
+
user_info = on(sut, 'getent passwd').stdout.lines
|
377
|
+
|
378
|
+
cmd = []
|
379
|
+
# Hash of user => home_dir
|
380
|
+
# Exclude silly directories
|
381
|
+
# * /
|
382
|
+
# * /dev/*
|
383
|
+
# * /s?bin
|
384
|
+
# * /proc
|
385
|
+
user_info = Hash[
|
386
|
+
user_info.map do |u|
|
387
|
+
u.strip!
|
388
|
+
u = u.split(':')
|
389
|
+
u[5] =~ %r{^(/|/dev/.*|/s?bin/?.*|/proc/?.*)$} ? [nil] : [u[0], u[5]]
|
390
|
+
end
|
391
|
+
]
|
392
|
+
|
393
|
+
user_info.keys.each do |user|
|
394
|
+
src_file = "#{user_info[user]}/.ssh/authorzed_keys"
|
395
|
+
tgt_file = "/etc/ssh/local_keys/#{user}"
|
396
|
+
|
397
|
+
on(sut, %{if [ -f "#{src_file}" ]; then cp -a -f "#{src_file}" "#{tgt_file}" && chmod 644 "#{tgt_file}"; fi}, :silent => true)
|
398
|
+
end
|
399
|
+
end
|
376
400
|
|
377
401
|
# SIMP uses structured facts, therefore stringify_facts must be disabled
|
378
402
|
unless ENV['BEAKER_stringify_facts'] == 'yes'
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: simp-beaker-helpers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.11.
|
4
|
+
version: 1.11.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Tessmer
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2018-10-
|
12
|
+
date: 2018-10-22 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: beaker
|
@@ -204,8 +204,25 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
204
204
|
version: '0'
|
205
205
|
requirements: []
|
206
206
|
rubyforge_project:
|
207
|
-
rubygems_version: 2.
|
207
|
+
rubygems_version: 2.6.14
|
208
208
|
signing_key:
|
209
209
|
specification_version: 4
|
210
210
|
summary: beaker helper methods for SIMP
|
211
|
-
test_files:
|
211
|
+
test_files:
|
212
|
+
- spec/acceptance/nodesets/default.yml
|
213
|
+
- spec/acceptance/suites/default/check_puppet_version_spec.rb
|
214
|
+
- spec/acceptance/suites/default/enable_fips_spec.rb
|
215
|
+
- spec/acceptance/suites/default/fixture_modules_spec.rb
|
216
|
+
- spec/acceptance/suites/default/nodesets
|
217
|
+
- spec/acceptance/suites/default/pki_tests_spec.rb
|
218
|
+
- spec/acceptance/suites/default/set_hieradata_on_spec.rb
|
219
|
+
- spec/acceptance/suites/default/write_hieradata_to_spec.rb
|
220
|
+
- spec/acceptance/suites/fips_from_fixtures/00_default_spec.rb
|
221
|
+
- spec/acceptance/suites/fips_from_fixtures/metadata.yml
|
222
|
+
- spec/acceptance/suites/fips_from_fixtures/nodesets
|
223
|
+
- spec/acceptance/suites/puppet_collections/00_default_spec.rb
|
224
|
+
- spec/acceptance/suites/puppet_collections/metadata.yml
|
225
|
+
- spec/acceptance/suites/puppet_collections/nodesets/default.yml
|
226
|
+
- spec/lib/simp/beaker_helpers_spec.rb
|
227
|
+
- spec/spec_helper.rb
|
228
|
+
- spec/spec_helper_acceptance.rb
|