train 1.4.31 → 1.4.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 41dd0a819427f0fdb0394992ca48fd80d9d67dd45d7a6c666472f48cb79cacb0
4
- data.tar.gz: 8c05af271415f0165a1a68b2495832ba89f84864dcb5c26e498fd48e2cc4d43f
3
+ metadata.gz: 893a9b5ce2710681b1d4bd795661244d5a7148bbd4ec265b607fc4241394e999
4
+ data.tar.gz: 0500f6af3195b846c025afb818ad939cbf9592e28002a6093c0ced0e75851604
5
5
  SHA512:
6
- metadata.gz: 55719a930b672cab82cfeb76aebf0fa26643a75de1c61d618f65236d291682786a786376679a61c5533940c34391cb10d400f85852cd07b1e8d01b29f682b3f4
7
- data.tar.gz: ab0665695a28b1e86b21fb83d2093907bb7850870603bba2fd35efb21b1b37c7e101a39dd6b4814cfea8d518ac762931275a9f578dad60c577fefc504f4ec1c0
6
+ metadata.gz: f5bfe0c9737ad2db256d5e7b9434afa0eb8013e47417bfe2d9feaf858c8518f06592f3eab7081d47beb64847c0f876727fd83935cac5eeb2f804a142112d8ed0
7
+ data.tar.gz: 2da5c3b0c40fb01b7f999cc56a2f5f0c0c15afc5db513f6574421197dbe5ec26d2ab7f69f13d2107f785421a89d80fefb35aeee3d26747d3f7bc0e8bbc93f521
data/CHANGELOG.md CHANGED
@@ -1,19 +1,28 @@
1
- <!-- latest_release 1.4.31 -->
2
- ## [v1.4.31](https://github.com/inspec/train/tree/v1.4.31) (2018-08-16)
1
+ <!-- latest_release 1.4.35 -->
2
+ ## [v1.4.35](https://github.com/inspec/train/tree/v1.4.35) (2018-08-23)
3
3
 
4
4
  #### Merged Pull Requests
5
- - Enable using rubygems as plugins [#335](https://github.com/inspec/train/pull/335) ([clintoncwolfe](https://github.com/clintoncwolfe))
5
+ - Adds connection to Graph RBAC API [#327](https://github.com/inspec/train/pull/327) ([r-fennell](https://github.com/r-fennell))
6
6
  <!-- latest_release -->
7
7
 
8
- <!-- release_rollup since=1.4.29 -->
9
- ### Changes since 1.4.29 release
8
+ <!-- release_rollup since=1.4.31 -->
9
+ ### Changes since 1.4.31 release
10
10
 
11
11
  #### Merged Pull Requests
12
- - Enable using rubygems as plugins [#335](https://github.com/inspec/train/pull/335) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 1.4.31 -->
13
- - Fixes an issue where the credential file was nil [#337](https://github.com/inspec/train/pull/337) ([dmccown](https://github.com/dmccown)) <!-- 1.4.30 -->
12
+ - Adds connection to Graph RBAC API [#327](https://github.com/inspec/train/pull/327) ([r-fennell](https://github.com/r-fennell)) <!-- 1.4.35 -->
13
+ - Fixes failing test when you have a cred file [#343](https://github.com/inspec/train/pull/343) ([dmccown](https://github.com/dmccown)) <!-- 1.4.34 -->
14
+ - Modify Cisco UUID detection to use processor ID [#342](https://github.com/inspec/train/pull/342) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 1.4.33 -->
15
+ - Ensure unique_identifier returns something meaningful for service acc… [#338](https://github.com/inspec/train/pull/338) ([skpaterson](https://github.com/skpaterson)) <!-- 1.4.32 -->
14
16
  <!-- release_rollup -->
15
17
 
16
18
  <!-- latest_stable_release -->
19
+ ## [v1.4.31](https://github.com/inspec/train/tree/v1.4.31) (2018-08-17)
20
+
21
+ #### Merged Pull Requests
22
+ - Fixes an issue where the credential file was nil [#337](https://github.com/inspec/train/pull/337) ([dmccown](https://github.com/dmccown))
23
+ - Enable using rubygems as plugins [#335](https://github.com/inspec/train/pull/335) ([clintoncwolfe](https://github.com/clintoncwolfe))
24
+ <!-- latest_stable_release -->
25
+
17
26
  ## [v1.4.29](https://github.com/inspec/train/tree/v1.4.29) (2018-08-15)
18
27
 
19
28
  #### Features & Enhancements
@@ -23,7 +32,6 @@
23
32
  - Modify checksum logic to use system binaries [#251](https://github.com/inspec/train/pull/251) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
24
33
  - Require Ruby 2.0 and allow net-ssh 5.0 [#334](https://github.com/inspec/train/pull/334) ([tas50](https://github.com/tas50))
25
34
  - Add non_interactive support for SSH [#336](https://github.com/inspec/train/pull/336) ([marcparadise](https://github.com/marcparadise))
26
- <!-- latest_stable_release -->
27
35
 
28
36
  ## [v1.4.25](https://github.com/inspec/train/tree/v1.4.25) (2018-08-01)
29
37
 
@@ -555,7 +555,7 @@ module Train::Platforms::Detect::Specifications
555
555
  next unless v[:type] == 'nexus'
556
556
  @platform[:release] = v[:version]
557
557
  @platform[:arch] = nil
558
- @platform[:uuid_command] = 'show inventory chassis | include SN'
558
+ @platform[:uuid_command] = 'show version | include Processor'
559
559
  true
560
560
  }
561
561
 
@@ -3,9 +3,11 @@
3
3
  require 'train/plugins'
4
4
  require 'ms_rest_azure'
5
5
  require 'azure_mgmt_resources'
6
+ require 'azure_graph_rbac'
6
7
  require 'socket'
7
8
  require 'timeout'
8
9
  require 'train/transports/helpers/azure/file_credentials'
10
+ require 'train/transports/clients/azure/graph_rbac'
9
11
 
10
12
  module Train::Transports
11
13
  class Azure < Train.plugin(1)
@@ -26,6 +28,8 @@ module Train::Transports
26
28
  class Connection < BaseConnection
27
29
  attr_reader :options
28
30
 
31
+ DEFAULT_FILE = ::File.join(Dir.home, '.azure', 'credentials')
32
+
29
33
  def initialize(options)
30
34
  @apis = {}
31
35
 
@@ -38,6 +42,7 @@ module Train::Transports
38
42
  @cache[:api_call] = {}
39
43
 
40
44
  if @options[:client_secret].nil? && @options[:client_id].nil?
45
+ options[:credentials_file] = DEFAULT_FILE if options[:credentials_file].nil?
41
46
  @options.merge!(Helpers::Azure::FileCredentials.parse(@options))
42
47
  end
43
48
 
@@ -55,13 +60,26 @@ module Train::Transports
55
60
  end
56
61
 
57
62
  def azure_client(klass = ::Azure::Resources::Profiles::Latest::Mgmt::Client)
58
- return klass.new(@credentials) unless cache_enabled?(:api_call)
63
+ if cache_enabled?(:api_call)
64
+ return @cache[:api_call][klass.to_s.to_sym] unless @cache[:api_call][klass.to_s.to_sym].nil?
65
+ end
66
+
67
+ if klass == ::Azure::Resources::Profiles::Latest::Mgmt::Client
68
+ @credentials[:base_url] = MsRestAzure::AzureEnvironments::AzureCloud.resource_manager_endpoint_url
69
+ elsif klass == ::Azure::GraphRbac::Profiles::Latest::Client
70
+ client = GraphRbac.client(@credentials)
71
+ end
59
72
 
60
- @cache[:api_call][klass.to_s.to_sym] ||= klass.new(@credentials)
73
+ client ||= klass.new(@credentials)
74
+
75
+ # Cache if enabled
76
+ @cache[:api_call][klass.to_s.to_sym] ||= client if cache_enabled?(:api_call)
77
+
78
+ client
61
79
  end
62
80
 
63
81
  def connect
64
- if @options[:client_id].nil? && @options[:client_secret].nil? && port_open?(@options[:msi_port])
82
+ if msi_auth?
65
83
  # this needs set for azure cloud to authenticate
66
84
  ENV['MSI_VM'] = 'true'
67
85
  provider = ::MsRestAzure::MSITokenProvider.new(@options[:msi_port])
@@ -135,9 +153,13 @@ module Train::Transports
135
153
  options[:subscription_id] || options[:tenant_id]
136
154
  end
137
155
 
156
+ def msi_auth?
157
+ @options[:client_id].nil? && @options[:client_secret].nil? && port_open?(@options[:msi_port])
158
+ end
159
+
138
160
  private
139
161
 
140
- def port_open?(port, seconds = 1)
162
+ def port_open?(port, seconds = 3)
141
163
  Timeout.timeout(seconds) do
142
164
  begin
143
165
  TCPSocket.new('localhost', port).close
@@ -26,10 +26,8 @@ class Train::Transports::SSH
26
26
  end
27
27
 
28
28
  def unique_identifier
29
- result = run_command_via_connection('show inventory').stdout
30
- result.split("\r\n\r\n").each do |section|
31
- return section.split('SN: ')[1].strip if section.include?('Chassis')
32
- end
29
+ result = run_command_via_connection('show version | include Processor')
30
+ result.stdout.split(' ')[-1]
33
31
  end
34
32
 
35
33
  private
@@ -0,0 +1,28 @@
1
+ # encoding: utf-8
2
+ require 'azure_graph_rbac'
3
+
4
+ # Wrapper class for ::Azure::GraphRbac::Profiles::Latest::Client allowing custom configuration,
5
+ # for example, defining additional settings for the ::MsRestAzure::ApplicationTokenProvider.
6
+ class GraphRbac
7
+ AUTH_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_endpoint_url
8
+ API_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_graph_resource_id
9
+
10
+ def self.client(credentials)
11
+ provider = ::MsRestAzure::ApplicationTokenProvider.new(
12
+ credentials[:tenant_id],
13
+ credentials[:client_id],
14
+ credentials[:client_secret],
15
+ settings,
16
+ )
17
+ credentials[:credentials] = ::MsRest::TokenCredentials.new(provider)
18
+ credentials[:base_url] = API_ENDPOINT
19
+ ::Azure::GraphRbac::Profiles::Latest::Client.new(credentials)
20
+ end
21
+
22
+ def self.settings
23
+ client_settings = MsRestAzure::ActiveDirectoryServiceSettings.get_azure_settings
24
+ client_settings.authentication_endpoint = AUTH_ENDPOINT
25
+ client_settings.token_audience = API_ENDPOINT
26
+ client_settings
27
+ end
28
+ end
@@ -84,8 +84,12 @@ module Train::Transports
84
84
  end
85
85
 
86
86
  def unique_identifier
87
- # use auth client_id - same to retrieve for any of the clients but use IAM
88
- gcp_iam_client.request_options.authorization.client_id
87
+ unique_id = 'default'
88
+ # use auth client_id for users (issuer is nil)
89
+ unique_id=gcp_iam_client.request_options.authorization.client_id unless gcp_iam_client.request_options.authorization.client_id.nil?
90
+ # for service account credentials (client_id is nil)
91
+ unique_id=gcp_iam_client.request_options.authorization.issuer unless gcp_iam_client.request_options.authorization.issuer.nil?
92
+ unique_id
89
93
  end
90
94
  end
91
95
  end
@@ -9,10 +9,8 @@ module Train::Transports
9
9
  module Helpers
10
10
  module Azure
11
11
  class FileCredentials
12
- DEFAULT_FILE = ::File.join(Dir.home, '.azure', 'credentials')
13
-
14
- def self.parse(subscription_id: nil, credentials_file: DEFAULT_FILE, **_)
15
- credentials_file = DEFAULT_FILE if credentials_file.nil?
12
+ def self.parse(subscription_id: nil, credentials_file: nil, **_)
13
+ return {} if credentials_file.nil?
16
14
  return {} unless ::File.readable?(credentials_file)
17
15
  credentials = IniFile.load(::File.expand_path(credentials_file))
18
16
  subscription_id = parser(subscription_id, ENV['AZURE_SUBSCRIPTION_NUMBER'], credentials).subscription_id
data/lib/train/version.rb CHANGED
@@ -3,5 +3,5 @@
3
3
  # Author:: Dominik Richter (<dominik.richter@gmail.com>)
4
4
 
5
5
  module Train
6
- VERSION = '1.4.31'.freeze
6
+ VERSION = '1.4.35'.freeze
7
7
  end
@@ -75,8 +75,15 @@ describe 'azure transport' do
75
75
  end
76
76
 
77
77
  it 'can use azure_client default client' do
78
+ MANAGEMENT_API_CLIENT = Azure::Resources::Profiles::Latest::Mgmt::Client
78
79
  client = connection.azure_client
79
- client.class.must_equal Azure::Resources::Profiles::Latest::Mgmt::Client
80
+ client.class.must_equal MANAGEMENT_API_CLIENT
81
+ end
82
+
83
+ it 'can use azure_client graph client' do
84
+ GRAPH_API_CLIENT = Azure::GraphRbac::Profiles::Latest::Client
85
+ client = connection.azure_client(GRAPH_API_CLIENT)
86
+ client.class.must_equal GRAPH_API_CLIENT
80
87
  end
81
88
  end
82
89
 
@@ -33,11 +33,12 @@ describe 'CiscoIOSConnection' do
33
33
 
34
34
  describe '#unique_identifier' do
35
35
  it 'returns the correct identifier' do
36
- output = "NAME: \"Chassis\", DESCR: \"Cisco 7206VXR, 6-slot chassis\"\r\nPID: CISCO7206VXR , VID: , SN: 4279256517 \r\n\r\nNAME: \"NPE400 0\", DESCR: \"Cisco 7200VXR Network Processing Engine NPE-400\"\r\nPID: NPE-400 , VID: , SN: 11111111 \r\n\r\nNAME: \"module 0\", DESCR: \"I/O FastEthernet (TX-ISL)\"\r\nPID: C7200-IO-FE-MII/RJ45=, VID: , SN: 4294967295 \r\n\r\nNAME: \"Power Supply 1\", DESCR: \"Cisco 7200 AC Power Supply\"\r\nPID: PWR-7200-AC , VID: , SN: \r\n\r\nNAME: \"Power Supply 2\", DESCR: \"Cisco 7200 AC Power Supply\"\r\nPID: PWR-7200-AC , VID: , SN: "
36
+ output = "\r\nProcessor board ID 1111111111\r\n"
37
37
  Train::Transports::SSH::CiscoIOSConnection.any_instance
38
- .expects(:run_command_via_connection).with('show inventory')
38
+ .expects(:run_command_via_connection)
39
+ .with('show version | include Processor')
39
40
  .returns(OpenStruct.new(stdout: output))
40
- connection.unique_identifier.must_equal('4279256517')
41
+ connection.unique_identifier.must_equal('1111111111')
41
42
  end
42
43
  end
43
44
 
data/train.gemspec CHANGED
@@ -35,6 +35,7 @@ Gem::Specification.new do |spec|
35
35
  spec.add_dependency 'docker-api', '~> 1.26'
36
36
  spec.add_dependency 'aws-sdk', '~> 2'
37
37
  spec.add_dependency 'azure_mgmt_resources', '~> 0.15'
38
+ spec.add_dependency 'azure_graph_rbac', '~> 0.16'
38
39
  spec.add_dependency 'google-api-client', '~> 0.19.8'
39
40
  spec.add_dependency 'googleauth', '~> 0.6.2'
40
41
  spec.add_dependency 'inifile'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: train
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.31
4
+ version: 1.4.35
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-08-16 00:00:00.000000000 Z
11
+ date: 2018-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json
@@ -148,6 +148,20 @@ dependencies:
148
148
  - - "~>"
149
149
  - !ruby/object:Gem::Version
150
150
  version: '0.15'
151
+ - !ruby/object:Gem::Dependency
152
+ name: azure_graph_rbac
153
+ requirement: !ruby/object:Gem::Requirement
154
+ requirements:
155
+ - - "~>"
156
+ - !ruby/object:Gem::Version
157
+ version: '0.16'
158
+ type: :runtime
159
+ prerelease: false
160
+ version_requirements: !ruby/object:Gem::Requirement
161
+ requirements:
162
+ - - "~>"
163
+ - !ruby/object:Gem::Version
164
+ version: '0.16'
151
165
  - !ruby/object:Gem::Dependency
152
166
  name: google-api-client
153
167
  requirement: !ruby/object:Gem::Requirement
@@ -251,6 +265,7 @@ files:
251
265
  - lib/train/transports/aws.rb
252
266
  - lib/train/transports/azure.rb
253
267
  - lib/train/transports/cisco_ios_connection.rb
268
+ - lib/train/transports/clients/azure/graph_rbac.rb
254
269
  - lib/train/transports/docker.rb
255
270
  - lib/train/transports/gcp.rb
256
271
  - lib/train/transports/helpers/azure/file_credentials.rb