train 1.4.25 → 1.4.29

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1e20385227ab1b9267ab2d34ca6880657f0d26682b66ca2a10f885ee5f349ce6
-  data.tar.gz: f675b5c27b234f25ad7d3d73a5572422be938f1bb0b59f9e7ef970df665807c1
+  metadata.gz: 65be3294011740eca689d8b5de1273f14f37d5189eae2a29111a4d268701af3a
+  data.tar.gz: bceb7f68344642b8f010b3e1ed5882afa4f4587fd7ebd1459635c2ca8954c3c6
 SHA512:
-  metadata.gz: 58c5b580ea0f04cbc602e52742bdc91bab4c98f41fab640bda1ea60b704cfc6b698022f44b18243ca9e8e317c88801816e302f894c30b1a453e4254f6730475a
-  data.tar.gz: 1d1d9c27431bdbf2c6fbacbc444065c5ac7add670febfb52b8e7eb17ca7d941961effe6d49619204ba75943d8173fbe049fec5bc9560f9dabca3511afb70fefd
+  metadata.gz: 34e6e054bb02d891857461d62756f02f63b0f42491ed7768764c82a6f1b1c3ab9b8158878ac4a1ebf4d6482b4cec62be7de2168f2980c84f662725dca48d2490
+  data.tar.gz: 3104bcaf1ba5edf30ed53702248c0f52e02d50435812a5eb0b6158a7873f6e85f28109e680184f22c6f445fe319113a94ccb2e0ec362150cb8ac285d2805d3e9

data/CHANGELOG.md

@@ -1,24 +1,34 @@
-<!-- latest_release 1.4.25 -->
-## [v1.4.25](https://github.com/inspec/train/tree/v1.4.25) (2018-08-01)
+<!-- latest_release 1.4.29 -->
+## [v1.4.29](https://github.com/inspec/train/tree/v1.4.29) (2018-08-15)
 
 #### Merged Pull Requests
-- Remove not needed google-cloud dependency (see #328) and correct GCP … [#329](https://github.com/inspec/train/pull/329) ([skpaterson](https://github.com/skpaterson))
+- Add non_interactive support for SSH [#336](https://github.com/inspec/train/pull/336) ([marcparadise](https://github.com/marcparadise))
 <!-- latest_release -->
 
-<!-- release_rollup since=1.4.24 -->
-### Changes since 1.4.24 release
+<!-- release_rollup since=1.4.25 -->
+### Changes since 1.4.25 release
+
+#### Features & Enhancements
+- Pulls file credentials parsing out of Azure class [#324](https://github.com/inspec/train/pull/324) ([dmccown](https://github.com/dmccown)) <!-- 1.4.27 -->
 
 #### Merged Pull Requests
-- Remove not needed google-cloud dependency (see #328) and correct GCP … [#329](https://github.com/inspec/train/pull/329) ([skpaterson](https://github.com/skpaterson)) <!-- 1.4.25 -->
+- Add non_interactive support for SSH [#336](https://github.com/inspec/train/pull/336) ([marcparadise](https://github.com/marcparadise)) <!-- 1.4.29 -->
+- Require Ruby 2.0 and allow net-ssh 5.0 [#334](https://github.com/inspec/train/pull/334) ([tas50](https://github.com/tas50)) <!-- 1.4.28 -->
+- Modify checksum logic to use system binaries [#251](https://github.com/inspec/train/pull/251) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 1.4.26 -->
 <!-- release_rollup -->
 
 <!-- latest_stable_release -->
+## [v1.4.25](https://github.com/inspec/train/tree/v1.4.25) (2018-08-01)
+
+#### Merged Pull Requests
+- Remove not needed google-cloud dependency (see #328) and correct GCP … [#329](https://github.com/inspec/train/pull/329) ([skpaterson](https://github.com/skpaterson))
+<!-- latest_stable_release -->
+
 ## [v1.4.24](https://github.com/inspec/train/tree/v1.4.24) (2018-07-26)
 
 #### Merged Pull Requests
 - Add shallow_link_path to inspect symlink direct link [#309](https://github.com/inspec/train/pull/309) ([ColinHebert](https://github.com/ColinHebert))
 - Retry SSH command on IOError (Cisco IOS specific) [#326](https://github.com/inspec/train/pull/326) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
-<!-- latest_stable_release -->
 
 ## [v1.4.22](https://github.com/inspec/train/tree/v1.4.22) (2018-07-16)
 

data/lib/train/file.rb

@@ -5,12 +5,10 @@
 
 require 'train/file/local'
 require 'train/file/remote'
-require 'digest/sha2'
-require 'digest/md5'
 require 'train/extras/stat'
 
 module Train
-  class File
+  class File # rubocop:disable Metrics/ClassLength
     def initialize(backend, path, follow_symlink = true)
       @backend = backend
       @path = path || ''
@@ -48,22 +46,6 @@ module Train
       :unknown
     end
 
-    def md5sum
-      res = Digest::MD5.new
-      res.update(content)
-      res.hexdigest
-    rescue TypeError => _
-      nil
-    end
-
-    def sha256sum
-      res = Digest::SHA256.new
-      res.update(content)
-      res.hexdigest
-    rescue TypeError => _
-      nil
-    end
-
     def source
       if @follow_symlink
         self.class.new(@backend, @path, false)
@@ -147,5 +129,82 @@ module Train
 
       !mounted.nil? && !mounted.stdout.nil? && !mounted.stdout.empty?
     end
+
+    def md5sum
+      # Skip processing rest of method if fallback method is selected
+      return perform_checksum_ruby(:md5) if defined?(@ruby_checksum_fallback)
+
+      checksum = if @backend.os.family == 'windows'
+                   perform_checksum_windows(:md5)
+                 else
+                   @md5_command ||= case @backend.os.family
+                                    when 'darwin'
+                                      'md5 -r'
+                                    when 'solaris'
+                                      'digest -a md5'
+                                    else
+                                      'md5sum'
+                                    end
+
+                   perform_checksum_unix(@md5_command)
+                 end
+
+      checksum || perform_checksum_ruby(:md5)
+    end
+
+    def sha256sum
+      # Skip processing rest of method if fallback method is selected
+      return perform_checksum_ruby(:sha256) if defined?(@ruby_checksum_fallback)
+
+      checksum = if @backend.os.family == 'windows'
+                   perform_checksum_windows(:sha256)
+                 else
+                   @sha256_command ||= case @backend.os.family
+                                       when 'darwin', 'hpux', 'qnx'
+                                         'shasum -a 256'
+                                       when 'solaris'
+                                         'digest -a sha256'
+                                       else
+                                         'sha256sum'
+                                       end
+
+                   perform_checksum_unix(@sha256_command)
+                 end
+
+      checksum || perform_checksum_ruby(:sha256)
+    end
+
+    private
+
+    def perform_checksum_unix(cmd)
+      res = @backend.run_command("#{cmd} #{@path}")
+      res.stdout.split(' ').first if res.exit_status == 0
+    end
+
+    def perform_checksum_windows(method)
+      cmd = "CertUtil -hashfile #{@path} #{method.to_s.upcase}"
+      res = @backend.run_command(cmd)
+      res.stdout.split("\r\n")[1].tr(' ', '') if res.exit_status == 0
+    end
+
+    # This pulls the content of the file to the machine running Train and uses
+    # Digest to perform the checksum. This is less efficient than using remote
+    # system binaries and can lead to incorrect results due to encoding.
+    def perform_checksum_ruby(method)
+      # This is used to skip attempting other checksum methods. If this is set
+      # then we know all other methods have failed.
+      @ruby_checksum_fallback = true
+      case method
+      when :md5
+        res = Digest::MD5.new
+      when :sha256
+        res = Digest::SHA256.new
+      end
+
+      res.update(content)
+      res.hexdigest
+    rescue TypeError => _
+      nil
+    end
   end
 end

data/lib/train/transports/azure.rb

@@ -3,9 +3,9 @@
 require 'train/plugins'
 require 'ms_rest_azure'
 require 'azure_mgmt_resources'
-require 'inifile'
 require 'socket'
 require 'timeout'
+require 'train/transports/helpers/azure/file_credentials'
 
 module Train::Transports
   class Azure < Train.plugin(1)
@@ -23,7 +23,7 @@ module Train::Transports
       @connection ||= Connection.new(@options)
     end
 
-    class Connection < BaseConnection # rubocop:disable Metrics/ClassLength
+    class Connection < BaseConnection
       attr_reader :options
 
       def initialize(options)
@@ -38,7 +38,7 @@ module Train::Transports
         @cache[:api_call] = {}
 
         if @options[:client_secret].nil? && @options[:client_id].nil?
-          parse_credentials_file
+          @options.merge!(Helpers::Azure::FileCredentials.parse(@options))
         end
 
         @options[:msi_port] = @options[:msi_port].to_i unless @options[:msi_port].nil?
@@ -149,40 +149,6 @@ module Train::Transports
       rescue Timeout::Error
         false
       end
-
-      def parse_credentials_file # rubocop:disable Metrics/AbcSize
-        # If an AZURE_CRED_FILE environment variable has been specified set the
-        # the credentials file to that, otherwise set the one in home
-        azure_creds_file = @options[:credentials_file]
-        azure_creds_file = File.join(Dir.home, '.azure', 'credentials') if azure_creds_file.nil?
-        return unless File.readable?(azure_creds_file)
-
-        credentials = IniFile.load(File.expand_path(azure_creds_file))
-        if @options[:subscription_id]
-          id = @options[:subscription_id]
-        elsif !ENV['AZURE_SUBSCRIPTION_NUMBER'].nil?
-          subscription_number = ENV['AZURE_SUBSCRIPTION_NUMBER'].to_i
-
-          # Check that the specified index is not greater than the number of subscriptions
-          if subscription_number > credentials.sections.length
-            raise format(
-              'Your credentials file only contains %s subscriptions.  You specified number %s.',
-              @credentials.sections.length,
-              subscription_number,
-            )
-          end
-          id = credentials.sections[subscription_number - 1]
-        else
-          raise 'Multiple credentials detected, please set the AZURE_SUBSCRIPTION_ID environment variable.' if credentials.sections.count > 1
-          id = credentials.sections[0]
-        end
-
-        raise "No credentials found for subscription number #{id}" if credentials.sections.empty? || credentials[id].empty?
-        @options[:subscription_id] = id
-        @options[:tenant_id] = credentials[id]['tenant_id']
-        @options[:client_id] = credentials[id]['client_id']
-        @options[:client_secret] = credentials[id]['client_secret']
-      end
     end
   end
 end

data/lib/train/transports/helpers/azure/file_credentials.rb

@@ -0,0 +1,42 @@
+# encoding: utf-8
+
+require 'inifile'
+require 'train/transports/helpers/azure/file_parser'
+require 'train/transports/helpers/azure/subscription_number_file_parser'
+require 'train/transports/helpers/azure/subscription_id_file_parser'
+
+module Train::Transports
+  module Helpers
+    module Azure
+      class FileCredentials
+        DEFAULT_FILE = ::File.join(Dir.home, '.azure', 'credentials')
+
+        def self.parse(subscription_id: nil, credentials_file: DEFAULT_FILE, **_)
+          return {} unless ::File.readable?(credentials_file)
+          credentials     = IniFile.load(::File.expand_path(credentials_file))
+          subscription_id = parser(subscription_id, ENV['AZURE_SUBSCRIPTION_NUMBER'], credentials).subscription_id
+          creds(subscription_id, credentials)
+        end
+
+        def self.parser(subscription_id, subscription_number, credentials)
+          if subscription_id
+            SubscriptionIdFileParser.new(subscription_id, credentials)
+          elsif !subscription_number.nil?
+            SubscriptionNumberFileParser.new(subscription_number.to_i, credentials)
+          else
+            FileParser.new(credentials)
+          end
+        end
+
+        def self.creds(subscription_id, credentials)
+          {
+            subscription_id: subscription_id,
+            tenant_id:       credentials[subscription_id]['tenant_id'],
+            client_id:       credentials[subscription_id]['client_id'],
+            client_secret:   credentials[subscription_id]['client_secret'],
+          }
+        end
+      end
+    end
+  end
+end

data/lib/train/transports/helpers/azure/file_parser.rb

@@ -0,0 +1,25 @@
+# encoding: utf-8
+
+module Train::Transports
+  module Helpers
+    module Azure
+      class FileParser
+        def initialize(credentials)
+          @credentials = credentials
+
+          validate!
+        end
+
+        def validate!
+          return if @credentials.sections.count == 1
+
+          raise 'Credentials file must have one entry. Check your credentials file. If you have more than one entry set AZURE_SUBSCRIPTION_ID environment variable.'
+        end
+
+        def subscription_id
+          @subscription_id ||= @credentials.sections[0]
+        end
+      end
+    end
+  end
+end

data/lib/train/transports/helpers/azure/subscription_id_file_parser.rb

@@ -0,0 +1,24 @@
+# encoding: utf-8
+
+module Train::Transports
+  module Helpers
+    module Azure
+      class SubscriptionIdFileParser
+        attr_reader :subscription_id
+
+        def initialize(subscription_id, credentials)
+          @subscription_id = subscription_id
+          @credentials     = credentials
+
+          validate!
+        end
+
+        def validate!
+          if @credentials.sections.empty? || @credentials[subscription_id].empty?
+            raise "No credentials found for subscription number #{subscription_id}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/train/transports/helpers/azure/subscription_number_file_parser.rb

@@ -0,0 +1,30 @@
+# encoding: utf-8
+
+module Train::Transports
+  module Helpers
+    module Azure
+      class SubscriptionNumberFileParser
+        def initialize(index, credentials)
+          @index       = index
+          @credentials = credentials
+
+          validate!
+        end
+
+        def validate!
+          if @index == 0
+            raise 'Index must be greater than 0.'
+          end
+
+          if @index > @credentials.sections.length
+            raise "Your credentials file only contains #{@credentials.sections.length} subscriptions. You specified number #{@index}."
+          end
+        end
+
+        def subscription_id
+          @subscription_id ||= @credentials.sections[@index - 1]
+        end
+      end
+    end
+  end
+end

data/lib/train/transports/ssh.rb

@@ -62,6 +62,7 @@ module Train::Transports
     option :bastion_host, default: nil
     option :bastion_user, default: 'root'
     option :bastion_port, default: 22
+    option :non_interactive, default: false
 
     option :compression_level do |opts|
       # on nil or false: set compression level to 0
@@ -162,9 +163,9 @@ module Train::Transports
         bastion_host:           opts[:bastion_host],
         bastion_user:           opts[:bastion_user],
         bastion_port:           opts[:bastion_port],
+        non_interactive:        opts[:non_interactive],
         transport_options:      opts,
       }
-
       # disable host key verification. The hash key to use
       # depends on the version of net-ssh in use.
       connection_options[verify_host_key_option] = false

data/lib/train/transports/ssh_connection.rb

@@ -69,6 +69,7 @@ class Train::Transports::SSH
       args  = %w{ -o UserKnownHostsFile=/dev/null }
       args += %w{ -o StrictHostKeyChecking=no }
       args += %w{ -o IdentitiesOnly=yes } if options[:keys]
+      args += %w{ -o BatchMode=yes } if options[:non_interactive]
       args += %W( -o LogLevel=#{level} )
       args += %W( -o ForwardAgent=#{fwd_agent} ) if options.key?(:forward_agent)
       Array(options[:keys]).each do |ssh_key|

data/lib/train/version.rb

@@ -3,5 +3,5 @@
 # Author:: Dominik Richter (<dominik.richter@gmail.com>)
 
 module Train
-  VERSION = '1.4.25'.freeze
+  VERSION = '1.4.29'.freeze
 end

data/test/integration/tests/path_block_device_test.rb

@@ -42,11 +42,11 @@ describe 'file interface' do
       file.link_path.must_be_nil
     end
 
-    it 'has no md5sum' do
+    it 'has the correct md5sum' do
       file.md5sum.must_equal('d41d8cd98f00b204e9800998ecf8427e')
     end
 
-    it 'has no sha256sum' do
+    it 'has the correct sha256sum' do
       file.sha256sum.must_equal('e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855')
     end
 

data/test/integration/tests/path_folder_test.rb

@@ -37,12 +37,12 @@ describe 'file interface' do
         file.content.must_be_nil
       end
 
-      it 'has an md5sum' do
-        file.md5sum.must_be_nil
+      it 'raises an error if md5sum is attempted' do
+        proc { file.md5sum }.must_raise RuntimeError
       end
 
-      it 'has an sha256sum' do
-        file.sha256sum.must_be_nil
+      it 'raises an error if sha256sum is attempted' do
+        proc { file.sha256sum }.must_raise RuntimeError
       end
     end
 

data/test/integration/tests/path_missing_test.rb

@@ -44,12 +44,12 @@ describe 'file interface' do
       file.link_path.must_be_nil
     end
 
-    it 'has an md5sum' do
-      file.md5sum.must_be_nil
+    it 'raises an error if md5sum is attempted' do
+      proc { file.md5sum }.must_raise RuntimeError
     end
 
-    it 'has an sha256sum' do
-      file.sha256sum.must_be_nil
+    it 'raises an error if sha256sum is attempted' do
+      proc { file.sha256sum }.must_raise RuntimeError
     end
 
     it 'has a modified time' do