train 1.4.31 → 1.4.35
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -8
- data/lib/train/platforms/detect/specifications/os.rb +1 -1
- data/lib/train/transports/azure.rb +26 -4
- data/lib/train/transports/cisco_ios_connection.rb +2 -4
- data/lib/train/transports/clients/azure/graph_rbac.rb +28 -0
- data/lib/train/transports/gcp.rb +6 -2
- data/lib/train/transports/helpers/azure/file_credentials.rb +2 -4
- data/lib/train/version.rb +1 -1
- data/test/unit/transports/azure_test.rb +8 -1
- data/test/unit/transports/cisco_ios_connection.rb +4 -3
- data/train.gemspec +1 -0
- metadata +17 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 893a9b5ce2710681b1d4bd795661244d5a7148bbd4ec265b607fc4241394e999
|
4
|
+
data.tar.gz: 0500f6af3195b846c025afb818ad939cbf9592e28002a6093c0ced0e75851604
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f5bfe0c9737ad2db256d5e7b9434afa0eb8013e47417bfe2d9feaf858c8518f06592f3eab7081d47beb64847c0f876727fd83935cac5eeb2f804a142112d8ed0
|
7
|
+
data.tar.gz: 2da5c3b0c40fb01b7f999cc56a2f5f0c0c15afc5db513f6574421197dbe5ec26d2ab7f69f13d2107f785421a89d80fefb35aeee3d26747d3f7bc0e8bbc93f521
|
data/CHANGELOG.md
CHANGED
@@ -1,19 +1,28 @@
|
|
1
|
-
<!-- latest_release 1.4.
|
2
|
-
## [v1.4.
|
1
|
+
<!-- latest_release 1.4.35 -->
|
2
|
+
## [v1.4.35](https://github.com/inspec/train/tree/v1.4.35) (2018-08-23)
|
3
3
|
|
4
4
|
#### Merged Pull Requests
|
5
|
-
-
|
5
|
+
- Adds connection to Graph RBAC API [#327](https://github.com/inspec/train/pull/327) ([r-fennell](https://github.com/r-fennell))
|
6
6
|
<!-- latest_release -->
|
7
7
|
|
8
|
-
<!-- release_rollup since=1.4.
|
9
|
-
### Changes since 1.4.
|
8
|
+
<!-- release_rollup since=1.4.31 -->
|
9
|
+
### Changes since 1.4.31 release
|
10
10
|
|
11
11
|
#### Merged Pull Requests
|
12
|
-
-
|
13
|
-
- Fixes
|
12
|
+
- Adds connection to Graph RBAC API [#327](https://github.com/inspec/train/pull/327) ([r-fennell](https://github.com/r-fennell)) <!-- 1.4.35 -->
|
13
|
+
- Fixes failing test when you have a cred file [#343](https://github.com/inspec/train/pull/343) ([dmccown](https://github.com/dmccown)) <!-- 1.4.34 -->
|
14
|
+
- Modify Cisco UUID detection to use processor ID [#342](https://github.com/inspec/train/pull/342) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 1.4.33 -->
|
15
|
+
- Ensure unique_identifier returns something meaningful for service acc… [#338](https://github.com/inspec/train/pull/338) ([skpaterson](https://github.com/skpaterson)) <!-- 1.4.32 -->
|
14
16
|
<!-- release_rollup -->
|
15
17
|
|
16
18
|
<!-- latest_stable_release -->
|
19
|
+
## [v1.4.31](https://github.com/inspec/train/tree/v1.4.31) (2018-08-17)
|
20
|
+
|
21
|
+
#### Merged Pull Requests
|
22
|
+
- Fixes an issue where the credential file was nil [#337](https://github.com/inspec/train/pull/337) ([dmccown](https://github.com/dmccown))
|
23
|
+
- Enable using rubygems as plugins [#335](https://github.com/inspec/train/pull/335) ([clintoncwolfe](https://github.com/clintoncwolfe))
|
24
|
+
<!-- latest_stable_release -->
|
25
|
+
|
17
26
|
## [v1.4.29](https://github.com/inspec/train/tree/v1.4.29) (2018-08-15)
|
18
27
|
|
19
28
|
#### Features & Enhancements
|
@@ -23,7 +32,6 @@
|
|
23
32
|
- Modify checksum logic to use system binaries [#251](https://github.com/inspec/train/pull/251) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
|
24
33
|
- Require Ruby 2.0 and allow net-ssh 5.0 [#334](https://github.com/inspec/train/pull/334) ([tas50](https://github.com/tas50))
|
25
34
|
- Add non_interactive support for SSH [#336](https://github.com/inspec/train/pull/336) ([marcparadise](https://github.com/marcparadise))
|
26
|
-
<!-- latest_stable_release -->
|
27
35
|
|
28
36
|
## [v1.4.25](https://github.com/inspec/train/tree/v1.4.25) (2018-08-01)
|
29
37
|
|
@@ -555,7 +555,7 @@ module Train::Platforms::Detect::Specifications
|
|
555
555
|
next unless v[:type] == 'nexus'
|
556
556
|
@platform[:release] = v[:version]
|
557
557
|
@platform[:arch] = nil
|
558
|
-
@platform[:uuid_command] = 'show
|
558
|
+
@platform[:uuid_command] = 'show version | include Processor'
|
559
559
|
true
|
560
560
|
}
|
561
561
|
|
@@ -3,9 +3,11 @@
|
|
3
3
|
require 'train/plugins'
|
4
4
|
require 'ms_rest_azure'
|
5
5
|
require 'azure_mgmt_resources'
|
6
|
+
require 'azure_graph_rbac'
|
6
7
|
require 'socket'
|
7
8
|
require 'timeout'
|
8
9
|
require 'train/transports/helpers/azure/file_credentials'
|
10
|
+
require 'train/transports/clients/azure/graph_rbac'
|
9
11
|
|
10
12
|
module Train::Transports
|
11
13
|
class Azure < Train.plugin(1)
|
@@ -26,6 +28,8 @@ module Train::Transports
|
|
26
28
|
class Connection < BaseConnection
|
27
29
|
attr_reader :options
|
28
30
|
|
31
|
+
DEFAULT_FILE = ::File.join(Dir.home, '.azure', 'credentials')
|
32
|
+
|
29
33
|
def initialize(options)
|
30
34
|
@apis = {}
|
31
35
|
|
@@ -38,6 +42,7 @@ module Train::Transports
|
|
38
42
|
@cache[:api_call] = {}
|
39
43
|
|
40
44
|
if @options[:client_secret].nil? && @options[:client_id].nil?
|
45
|
+
options[:credentials_file] = DEFAULT_FILE if options[:credentials_file].nil?
|
41
46
|
@options.merge!(Helpers::Azure::FileCredentials.parse(@options))
|
42
47
|
end
|
43
48
|
|
@@ -55,13 +60,26 @@ module Train::Transports
|
|
55
60
|
end
|
56
61
|
|
57
62
|
def azure_client(klass = ::Azure::Resources::Profiles::Latest::Mgmt::Client)
|
58
|
-
|
63
|
+
if cache_enabled?(:api_call)
|
64
|
+
return @cache[:api_call][klass.to_s.to_sym] unless @cache[:api_call][klass.to_s.to_sym].nil?
|
65
|
+
end
|
66
|
+
|
67
|
+
if klass == ::Azure::Resources::Profiles::Latest::Mgmt::Client
|
68
|
+
@credentials[:base_url] = MsRestAzure::AzureEnvironments::AzureCloud.resource_manager_endpoint_url
|
69
|
+
elsif klass == ::Azure::GraphRbac::Profiles::Latest::Client
|
70
|
+
client = GraphRbac.client(@credentials)
|
71
|
+
end
|
59
72
|
|
60
|
-
|
73
|
+
client ||= klass.new(@credentials)
|
74
|
+
|
75
|
+
# Cache if enabled
|
76
|
+
@cache[:api_call][klass.to_s.to_sym] ||= client if cache_enabled?(:api_call)
|
77
|
+
|
78
|
+
client
|
61
79
|
end
|
62
80
|
|
63
81
|
def connect
|
64
|
-
if
|
82
|
+
if msi_auth?
|
65
83
|
# this needs set for azure cloud to authenticate
|
66
84
|
ENV['MSI_VM'] = 'true'
|
67
85
|
provider = ::MsRestAzure::MSITokenProvider.new(@options[:msi_port])
|
@@ -135,9 +153,13 @@ module Train::Transports
|
|
135
153
|
options[:subscription_id] || options[:tenant_id]
|
136
154
|
end
|
137
155
|
|
156
|
+
def msi_auth?
|
157
|
+
@options[:client_id].nil? && @options[:client_secret].nil? && port_open?(@options[:msi_port])
|
158
|
+
end
|
159
|
+
|
138
160
|
private
|
139
161
|
|
140
|
-
def port_open?(port, seconds =
|
162
|
+
def port_open?(port, seconds = 3)
|
141
163
|
Timeout.timeout(seconds) do
|
142
164
|
begin
|
143
165
|
TCPSocket.new('localhost', port).close
|
@@ -26,10 +26,8 @@ class Train::Transports::SSH
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def unique_identifier
|
29
|
-
result = run_command_via_connection('show
|
30
|
-
result.split(
|
31
|
-
return section.split('SN: ')[1].strip if section.include?('Chassis')
|
32
|
-
end
|
29
|
+
result = run_command_via_connection('show version | include Processor')
|
30
|
+
result.stdout.split(' ')[-1]
|
33
31
|
end
|
34
32
|
|
35
33
|
private
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
require 'azure_graph_rbac'
|
3
|
+
|
4
|
+
# Wrapper class for ::Azure::GraphRbac::Profiles::Latest::Client allowing custom configuration,
|
5
|
+
# for example, defining additional settings for the ::MsRestAzure::ApplicationTokenProvider.
|
6
|
+
class GraphRbac
|
7
|
+
AUTH_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_endpoint_url
|
8
|
+
API_ENDPOINT = MsRestAzure::AzureEnvironments::AzureCloud.active_directory_graph_resource_id
|
9
|
+
|
10
|
+
def self.client(credentials)
|
11
|
+
provider = ::MsRestAzure::ApplicationTokenProvider.new(
|
12
|
+
credentials[:tenant_id],
|
13
|
+
credentials[:client_id],
|
14
|
+
credentials[:client_secret],
|
15
|
+
settings,
|
16
|
+
)
|
17
|
+
credentials[:credentials] = ::MsRest::TokenCredentials.new(provider)
|
18
|
+
credentials[:base_url] = API_ENDPOINT
|
19
|
+
::Azure::GraphRbac::Profiles::Latest::Client.new(credentials)
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.settings
|
23
|
+
client_settings = MsRestAzure::ActiveDirectoryServiceSettings.get_azure_settings
|
24
|
+
client_settings.authentication_endpoint = AUTH_ENDPOINT
|
25
|
+
client_settings.token_audience = API_ENDPOINT
|
26
|
+
client_settings
|
27
|
+
end
|
28
|
+
end
|
data/lib/train/transports/gcp.rb
CHANGED
@@ -84,8 +84,12 @@ module Train::Transports
|
|
84
84
|
end
|
85
85
|
|
86
86
|
def unique_identifier
|
87
|
-
|
88
|
-
|
87
|
+
unique_id = 'default'
|
88
|
+
# use auth client_id for users (issuer is nil)
|
89
|
+
unique_id=gcp_iam_client.request_options.authorization.client_id unless gcp_iam_client.request_options.authorization.client_id.nil?
|
90
|
+
# for service account credentials (client_id is nil)
|
91
|
+
unique_id=gcp_iam_client.request_options.authorization.issuer unless gcp_iam_client.request_options.authorization.issuer.nil?
|
92
|
+
unique_id
|
89
93
|
end
|
90
94
|
end
|
91
95
|
end
|
@@ -9,10 +9,8 @@ module Train::Transports
|
|
9
9
|
module Helpers
|
10
10
|
module Azure
|
11
11
|
class FileCredentials
|
12
|
-
|
13
|
-
|
14
|
-
def self.parse(subscription_id: nil, credentials_file: DEFAULT_FILE, **_)
|
15
|
-
credentials_file = DEFAULT_FILE if credentials_file.nil?
|
12
|
+
def self.parse(subscription_id: nil, credentials_file: nil, **_)
|
13
|
+
return {} if credentials_file.nil?
|
16
14
|
return {} unless ::File.readable?(credentials_file)
|
17
15
|
credentials = IniFile.load(::File.expand_path(credentials_file))
|
18
16
|
subscription_id = parser(subscription_id, ENV['AZURE_SUBSCRIPTION_NUMBER'], credentials).subscription_id
|
data/lib/train/version.rb
CHANGED
@@ -75,8 +75,15 @@ describe 'azure transport' do
|
|
75
75
|
end
|
76
76
|
|
77
77
|
it 'can use azure_client default client' do
|
78
|
+
MANAGEMENT_API_CLIENT = Azure::Resources::Profiles::Latest::Mgmt::Client
|
78
79
|
client = connection.azure_client
|
79
|
-
client.class.must_equal
|
80
|
+
client.class.must_equal MANAGEMENT_API_CLIENT
|
81
|
+
end
|
82
|
+
|
83
|
+
it 'can use azure_client graph client' do
|
84
|
+
GRAPH_API_CLIENT = Azure::GraphRbac::Profiles::Latest::Client
|
85
|
+
client = connection.azure_client(GRAPH_API_CLIENT)
|
86
|
+
client.class.must_equal GRAPH_API_CLIENT
|
80
87
|
end
|
81
88
|
end
|
82
89
|
|
@@ -33,11 +33,12 @@ describe 'CiscoIOSConnection' do
|
|
33
33
|
|
34
34
|
describe '#unique_identifier' do
|
35
35
|
it 'returns the correct identifier' do
|
36
|
-
output = "
|
36
|
+
output = "\r\nProcessor board ID 1111111111\r\n"
|
37
37
|
Train::Transports::SSH::CiscoIOSConnection.any_instance
|
38
|
-
.expects(:run_command_via_connection)
|
38
|
+
.expects(:run_command_via_connection)
|
39
|
+
.with('show version | include Processor')
|
39
40
|
.returns(OpenStruct.new(stdout: output))
|
40
|
-
connection.unique_identifier.must_equal('
|
41
|
+
connection.unique_identifier.must_equal('1111111111')
|
41
42
|
end
|
42
43
|
end
|
43
44
|
|
data/train.gemspec
CHANGED
@@ -35,6 +35,7 @@ Gem::Specification.new do |spec|
|
|
35
35
|
spec.add_dependency 'docker-api', '~> 1.26'
|
36
36
|
spec.add_dependency 'aws-sdk', '~> 2'
|
37
37
|
spec.add_dependency 'azure_mgmt_resources', '~> 0.15'
|
38
|
+
spec.add_dependency 'azure_graph_rbac', '~> 0.16'
|
38
39
|
spec.add_dependency 'google-api-client', '~> 0.19.8'
|
39
40
|
spec.add_dependency 'googleauth', '~> 0.6.2'
|
40
41
|
spec.add_dependency 'inifile'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: train
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.4.
|
4
|
+
version: 1.4.35
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dominik Richter
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-08-
|
11
|
+
date: 2018-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: json
|
@@ -148,6 +148,20 @@ dependencies:
|
|
148
148
|
- - "~>"
|
149
149
|
- !ruby/object:Gem::Version
|
150
150
|
version: '0.15'
|
151
|
+
- !ruby/object:Gem::Dependency
|
152
|
+
name: azure_graph_rbac
|
153
|
+
requirement: !ruby/object:Gem::Requirement
|
154
|
+
requirements:
|
155
|
+
- - "~>"
|
156
|
+
- !ruby/object:Gem::Version
|
157
|
+
version: '0.16'
|
158
|
+
type: :runtime
|
159
|
+
prerelease: false
|
160
|
+
version_requirements: !ruby/object:Gem::Requirement
|
161
|
+
requirements:
|
162
|
+
- - "~>"
|
163
|
+
- !ruby/object:Gem::Version
|
164
|
+
version: '0.16'
|
151
165
|
- !ruby/object:Gem::Dependency
|
152
166
|
name: google-api-client
|
153
167
|
requirement: !ruby/object:Gem::Requirement
|
@@ -251,6 +265,7 @@ files:
|
|
251
265
|
- lib/train/transports/aws.rb
|
252
266
|
- lib/train/transports/azure.rb
|
253
267
|
- lib/train/transports/cisco_ios_connection.rb
|
268
|
+
- lib/train/transports/clients/azure/graph_rbac.rb
|
254
269
|
- lib/train/transports/docker.rb
|
255
270
|
- lib/train/transports/gcp.rb
|
256
271
|
- lib/train/transports/helpers/azure/file_credentials.rb
|