From 988e612c51e63d156a0aa76c3290a27fe089f79e Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Fri, 19 Aug 2016 14:11:16 -0700 Subject: [PATCH 1/2] Switch from Rubocop to Chefstyle and resolve all warnings Signed-off-by: Tim Smith --- .rubocop.yml | 65 ------ .travis.yml | 13 +- Berksfile | 10 +- Gemfile | 30 +-- Guardfile | 6 +- Rakefile | 45 ++-- bin/console | 6 +- kitchen-inspec.gemspec | 38 +-- lib/kitchen/verifier/inspec.rb | 118 +++++----- lib/kitchen/verifier/inspec_version.rb | 2 +- spec/kitchen/verifier/inspec_spec.rb | 216 +++++++++--------- spec/spec_helper.rb | 20 +- test/cookbooks/os_prepare/metadata.rb | 14 +- test/integration/profile/controls/example.rb | 4 +- test/integration/profile/controls/gordon.rb | 10 +- .../profile/libraries/gordon_config.rb | 4 +- 16 files changed, 268 insertions(+), 333 deletions(-) delete mode 100644 .rubocop.yml diff --git a/.rubocop.yml b/.rubocop.yml deleted file mode 100644 index 67c3e2b..0000000 --- a/.rubocop.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -AllCops: - Exclude: - - Gemfile - - Rakefile - - 'test/**/*' - - 'examples/**/*' - - 'vendor/**/*' -Documentation: - Enabled: false -AlignParameters: - Enabled: true -Encoding: - Enabled: true -HashSyntax: - Enabled: true -LineLength: - Enabled: false -EmptyLinesAroundBlockBody: - Enabled: false -MethodLength: - Max: 40 -NumericLiterals: - MinDigits: 10 -Metrics/CyclomaticComplexity: - Max: 10 -Metrics/PerceivedComplexity: - Max: 10 -Metrics/AbcSize: - Max: 33 -Style/PercentLiteralDelimiters: - PreferredDelimiters: - '%': '{}' - '%i': () - '%q': '{}' - '%Q': () - '%r': '{}' - '%s': () - '%w': '{}' - '%W': () - '%x': () -Style/AlignHash: - Enabled: false -Style/PredicateName: - Enabled: false -Style/ClassAndModuleChildren: - Enabled: false -Style/BracesAroundHashParameters: - Enabled: false -Style/AndOr: - Enabled: false -Style/Not: - Enabled: false -Style/TrailingComma: - EnforcedStyleForMultiline: comma -Style/NegatedIf: - Enabled: false -Style/UnlessElse: - Enabled: false -BlockDelimiters: - Enabled: false -Style/SpaceAroundOperators: - Enabled: false -Style/IfUnlessModifier: - Enabled: false diff --git a/.travis.yml b/.travis.yml index c1af090..5210473 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,21 +3,20 @@ language: ruby cache: bundler dist: trusty services: -- docker + - docker bundler_args: "--without integration guard tools" before_install: -- gem install bundler -- gem --version + - gem install bundler + - gem --version matrix: include: - - rvm: 1.9.3 - rvm: 2.0 - - rvm: 2.1 + - rvm: 2.1.9 - rvm: ruby-head - - rvm: 2.2 + - rvm: 2.2.5 bundler_args: "--without guard tools" script: bundle exec rake test:integration OS='default profile contains_inspec' - - rvm: 2.2 + - rvm: 2.2.5 bundler_args: "--without guard tools" script: bundle exec rake test:integration OS='supermarket' allow_failures: diff --git a/Berksfile b/Berksfile index 1333cfd..d216c40 100644 --- a/Berksfile +++ b/Berksfile @@ -1,8 +1,8 @@ # encoding: utf-8 -source 'https://supermarket.chef.io' +source "https://supermarket.chef.io" -cookbook 'apt' -cookbook 'yum' -cookbook 'os_prepare', path: './test/cookbooks/os_prepare' -cookbook 'ssh-hardening', git: 'https://github.com/dev-sec/chef-ssh-hardening.git' +cookbook "apt" +cookbook "yum" +cookbook "os_prepare", path: "./test/cookbooks/os_prepare" +cookbook "ssh-hardening", git: "https://github.com/dev-sec/chef-ssh-hardening.git" diff --git a/Gemfile b/Gemfile index 277e8d6..ef0c898 100644 --- a/Gemfile +++ b/Gemfile @@ -1,33 +1,33 @@ # -*- encoding: utf-8 -*- -source 'https://rubygems.org' +source "https://rubygems.org" gemspec group :guard do - gem 'guard-rspec', :require => nil - gem 'guard-rubocop', :require => nil + gem "guard-rspec", :require => nil + gem "guard-rubocop", :require => nil end group :test do - gem 'bundler', '~> 1.5' - gem 'minitest', '~> 5.5' - gem 'rake', '~> 10' - gem 'rubocop', '~> 0.32' - gem 'concurrent-ruby', '~> 0.9' - gem 'codeclimate-test-reporter', :require => nil + gem "bundler", "~> 1.5" + gem "minitest", "~> 5.5" + gem "rake", "~> 10" + gem "chefstyle", "~> 0.4.0" + gem "concurrent-ruby", "~> 0.9" + gem "codeclimate-test-reporter", :require => nil end # pin dependency for Ruby 1.9.3 since bundler is not # detecting that net-ssh 3 does not work with 1.9.3 -if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('1.9.3') - gem 'net-ssh', '~> 2.9' +if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new("1.9.3") + gem "net-ssh", "~> 2.9" end group :integration do - gem 'berkshelf', '>= 4.2.3' - gem 'kitchen-dokken' + gem "berkshelf", ">= 4.2.3" + gem "kitchen-dokken" end group :tools do - gem 'pry', '~> 0.10' - gem 'github_changelog_generator', '1.11.3' + gem "pry", "~> 0.10" + gem "github_changelog_generator", "1.11.3" end diff --git a/Guardfile b/Guardfile index b40cc8a..41f88f8 100644 --- a/Guardfile +++ b/Guardfile @@ -2,18 +2,18 @@ ignore %r{^\.gem/} def rspec_opts - { cmd: 'bundle exec rspec' } + { cmd: "bundle exec rspec" } end def rubocop_opts - { all_on_start: false, keep_failed: false, cli: '-r finstyle' } + { all_on_start: false, keep_failed: false, cli: "-r chefstyle" } end group :red_green_refactor, halt_on_fail: true do guard :rspec, rspec_opts do watch(%r{^spec/(.*)_spec\.rb}) watch(%r{^lib/(.*)([^/]+)\.rb}) { |m| "spec/#{m[1]}#{m[2]}_spec.rb" } - watch(%r{^spec/spec_helper\.rb}) { 'spec' } + watch(%r{^spec/spec_helper\.rb}) { "spec" } end guard :rubocop, rubocop_opts do diff --git a/Rakefile b/Rakefile index c51301a..996de5b 100644 --- a/Rakefile +++ b/Rakefile @@ -2,7 +2,8 @@ require "bundler/gem_tasks" require "rspec/core/rake_task" -require 'rubocop/rake_task' +require "chefstyle" +require "rubocop/rake_task" # Specs RSpec::Core::RakeTask.new(:spec) @@ -11,13 +12,13 @@ desc "Run all test suites" task :test => [:spec] # Rubocop -desc 'Run Rubocop lint checks' +desc "Run Rubocop lint checks" task :rubocop do RuboCop::RakeTask.new end # lint the project -desc 'Run robocop linter' +desc "Run robocop linter" task lint: [:rubocop] desc "Display LOC stats" @@ -36,20 +37,20 @@ task :default => [:test, :quality] # Automatically generate a changelog for this project. Only loaded if # the necessary gem is installed. begin - require 'github_changelog_generator/task' + require "github_changelog_generator/task" GitHubChangelogGenerator::RakeTask.new :changelog rescue LoadError - puts '>>>>> GitHub Changelog Generator not loaded, omitting tasks' + puts ">>>>> GitHub Changelog Generator not loaded, omitting tasks" end # Print the current version of this gem or update it. # # @param [Type] target the new version you want to set, or nil if you only want to show def kitchen_inspec_version(target = nil) - path = 'lib/kitchen/verifier/inspec_version.rb' - require_relative path.sub(/.rb$/, '') + path = "lib/kitchen/verifier/inspec_version.rb" + require_relative path.sub(/.rb$/, "") - nu_version = target.nil? ? '' : " -> #{target}" + nu_version = target.nil? ? "" : " -> #{target}" puts "Kitchen-inspec: #{Kitchen::Verifier::INSPEC_VERSION}#{nu_version}" unless target.nil? @@ -66,7 +67,7 @@ end # @param [Type] msg the message to display if the command is missing def require_command(x, msg = nil) return if system("command -v #{x} || exit 1") - msg ||= 'Please install it first!' + msg ||= "Please install it first!" puts "\033[31;1mCan't find command #{x.inspect}. #{msg}\033[0m" exit 1 end @@ -84,11 +85,11 @@ end # Check the requirements for running an update of this repository. def check_update_requirements - require_command 'git' - require_command 'github_changelog_generator', "\n"\ + require_command "git" + require_command "github_changelog_generator", "\n"\ "For more information on how to install it see:\n"\ " https://github.com/skywinder/github-changelog-generator\n" - require_env 'CHANGELOG_GITHUB_TOKEN', "\n"\ + require_env "CHANGELOG_GITHUB_TOKEN", "\n"\ "Please configure this token to make sure you can run all commands\n"\ "against GitHub.\n\n"\ "See github_changelog_generator homepage for more information:\n"\ @@ -96,33 +97,33 @@ def check_update_requirements end # Show the current version of this gem. -desc 'Show the version of this gem' +desc "Show the version of this gem" task :version do kitchen_inspec_version end -desc 'Generate the changelog' +desc "Generate the changelog" task :changelog do - require_relative 'lib/kitchen/verifier/inspec_version' + require_relative "lib/kitchen/verifier/inspec_version" system "github_changelog_generator -u chef -p kitchen-inspec --future-release #{Kitchen::Verifier::INSPEC_VERSION}" end # Update the version of this gem and create an updated # changelog. It covers everything short of actually releasing # the gem. -desc 'Bump the version of this gem' +desc "Bump the version of this gem" task :bump_version, [:version] do |_, args| - v = args[:version] || ENV['to'] - fail "You must specify a target version! rake release[1.2.3]" if v.empty? + v = args[:version] || ENV["to"] + raise "You must specify a target version! rake release[1.2.3]" if v.empty? check_update_requirements kitchen_inspec_version(v) - Rake::Task['changelog'].invoke + Rake::Task["changelog"].invoke end namespace :test do task :integration do - concurrency = ENV['CONCURRENCY'] || 1 - os = ENV['OS'] || '' - sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{os}") + concurrency = ENV["CONCURRENCY"] || 1 + os = ENV["OS"] || "" + sh("sh", "-c", "bundle exec kitchen test -c #{concurrency} #{os}") end end diff --git a/bin/console b/bin/console index 5b60070..cffc7ea 100755 --- a/bin/console +++ b/bin/console @@ -1,8 +1,8 @@ #!/usr/bin/env ruby # encoding: utf-8 -require 'bundler/setup' -require 'kitchen/inspec' +require "bundler/setup" +require "kitchen/inspec" # You can add fixtures and/or initialization code here to make experimenting # with your gem easier. You can also use a different console, if you like. @@ -11,5 +11,5 @@ require 'kitchen/inspec' # require 'pry' # Pry.start -require 'irb' +require "irb" IRB.start diff --git a/kitchen-inspec.gemspec b/kitchen-inspec.gemspec index 41f9b71..ba78336 100644 --- a/kitchen-inspec.gemspec +++ b/kitchen-inspec.gemspec @@ -1,34 +1,34 @@ # encoding: utf-8 -lib = File.expand_path('../lib', __FILE__) +lib = File.expand_path("../lib", __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) -require 'kitchen/verifier/inspec_version' -require 'English' +require "kitchen/verifier/inspec_version" +require "English" Gem::Specification.new do |spec| - spec.name = 'kitchen-inspec' + spec.name = "kitchen-inspec" spec.version = Kitchen::Verifier::INSPEC_VERSION - spec.license = 'Apache-2.0' - spec.authors = ['Fletcher Nichol'] - spec.email = ['fnichol@chef.io'] + spec.license = "Apache-2.0" + spec.authors = ["Fletcher Nichol"] + spec.email = ["fnichol@chef.io"] - spec.summary = 'A Test Kitchen Verifier for InSpec' + spec.summary = "A Test Kitchen Verifier for InSpec" spec.description = spec.summary - spec.homepage = 'http://github.com/chef/kitchen-inspec' + spec.homepage = "http://github.com/chef/kitchen-inspec" spec.files = `git ls-files -z`.split("\x0") .reject { |f| f.match(%r{^(test|spec|features)/}) } - spec.bindir = 'exe' + spec.bindir = "exe" spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } - spec.require_paths = ['lib'] - spec.add_dependency 'inspec', '>=0.22.0', '<1.0.0' - spec.add_dependency 'test-kitchen', '~> 1.6' - spec.add_development_dependency 'countloc', '~> 0.4' - spec.add_development_dependency 'bundler', '~> 1.10' - spec.add_development_dependency 'rake', '~> 10.0' - spec.add_development_dependency 'rspec' - spec.add_development_dependency 'simplecov', '~> 0.10' + spec.require_paths = ["lib"] + spec.add_dependency "inspec", ">=0.22.0", "<1.0.0" + spec.add_dependency "test-kitchen", "~> 1.6" + spec.add_development_dependency "countloc", "~> 0.4" + spec.add_development_dependency "bundler", "~> 1.10" + spec.add_development_dependency "rake", "~> 10.0" + spec.add_development_dependency "rspec" + spec.add_development_dependency "simplecov", "~> 0.10" # style and complexity libraries are tightly version pinned as newer releases # may introduce new and undesireable style choices which would be immediately # enforced in CI - spec.add_development_dependency 'finstyle', '1.5.0' + spec.add_development_dependency "chefstyle", "0.4.0" end diff --git a/lib/kitchen/verifier/inspec.rb b/lib/kitchen/verifier/inspec.rb index 6899fdb..d34c47e 100644 --- a/lib/kitchen/verifier/inspec.rb +++ b/lib/kitchen/verifier/inspec.rb @@ -17,13 +17,13 @@ # See the License for the specific language governing permissions and # limitations under the License. -require 'kitchen/transport/ssh' -require 'kitchen/transport/winrm' -require 'kitchen/verifier/inspec_version' -require 'kitchen/verifier/base' +require "kitchen/transport/ssh" +require "kitchen/transport/winrm" +require "kitchen/verifier/inspec_version" +require "kitchen/verifier/base" -require 'uri' -require 'pathname' +require "uri" +require "pathname" module Kitchen module Verifier @@ -53,7 +53,7 @@ def finalize_config!(instance) # Unfortunately there is no way to read `test_base_path` from the # .kitchen.yml, it can only be provided on the CLI. # See https://github.com/test-kitchen/test-kitchen/issues/1077 - inspec_test_dir = File.join(config[:kitchen_root], 'test', 'recipes') + inspec_test_dir = File.join(config[:kitchen_root], "test", "recipes") if File.directory?(inspec_test_dir) config[:test_base_path] = inspec_test_dir end @@ -63,7 +63,7 @@ def finalize_config!(instance) # (see Base#call) def call(state) - logger.debug('Initialize InSpec') + logger.debug("Initialize InSpec") opts = runner_options(instance.transport, state) runner = ::Inspec::Runner.new(opts) @@ -74,25 +74,25 @@ def call(state) logger.debug("Running tests from: #{tests.inspect}") exit_code = runner.run return if exit_code == 0 - fail ActionFailed, "Inspec Runner returns #{exit_code}" + raise ActionFailed, "Inspec Runner returns #{exit_code}" end private # (see Base#load_needed_dependencies!) def load_needed_dependencies! - require 'inspec' + require "inspec" # TODO: this should be easier. I would expect to load a single class here # load supermarket plugin, this is part of the inspec gem - require 'bundles/inspec-supermarket/api' - require 'bundles/inspec-supermarket/target' + require "bundles/inspec-supermarket/api" + require "bundles/inspec-supermarket/target" # load the compliance plugin - require 'bundles/inspec-compliance/configuration' - require 'bundles/inspec-compliance/support' - require 'bundles/inspec-compliance/http' - require 'bundles/inspec-compliance/api' - require 'bundles/inspec-compliance/target' + require "bundles/inspec-compliance/configuration" + require "bundles/inspec-compliance/support" + require "bundles/inspec-compliance/http" + require "bundles/inspec-compliance/api" + require "bundles/inspec-compliance/target" end # Returns an Array of test suite filenames for the related suite currently @@ -111,14 +111,14 @@ def local_suite_files base = File.join(config[:test_base_path], config[:suite_name]) legacy_mode = false # check for testing frameworks, we may need to add more - %w{inspec serverspec bats pester rspec cucumber minitest bash}.each { |fw| + %w{inspec serverspec bats pester rspec cucumber minitest bash}.each do |fw| if Pathname.new(File.join(base, fw)).exist? logger.info("Detected alternative framework tests for `#{fw}`") legacy_mode = true end - } + end - base = File.join(base, 'inspec') if legacy_mode + base = File.join(base, "inspec") if legacy_mode logger.info("Use `#{base}` for testing") # only return the directory if it exists @@ -147,13 +147,13 @@ def runner_options(transport, state = {}) # rubocop:disable Metrics/AbcSize elsif defined?(Kitchen::Transport::Dokken) && transport.is_a?(Kitchen::Transport::Dokken) runner_options_for_docker(transport_data) else - fail Kitchen::UserError, "Verifier #{name} does not support the #{transport.name} Transport" + raise Kitchen::UserError, "Verifier #{name} does not support the #{transport.name} Transport" end.tap do |runner_options| # default color to true to match InSpec behavior - runner_options['color'] = (config[:color].nil? ? true : config[:color]) - runner_options['format'] = config[:format] unless config[:format].nil? - runner_options['output'] = config[:output] unless config[:output].nil? - runner_options['profiles_path'] = config[:profiles_path] unless config[:profiles_path].nil? + runner_options["color"] = (config[:color].nil? ? true : config[:color]) + runner_options["format"] = config[:format] unless config[:format].nil? + runner_options["output"] = config[:output] unless config[:output].nil? + runner_options["profiles_path"] = config[:profiles_path] unless config[:profiles_path].nil? end end @@ -164,26 +164,26 @@ def runner_options(transport, state = {}) # rubocop:disable Metrics/AbcSize def runner_options_for_ssh(config_data) kitchen = instance.transport.send(:connection_options, config_data).dup opts = { - 'backend' => 'ssh', - 'logger' => logger, + "backend" => "ssh", + "logger" => logger, # pass-in sudo config from kitchen verifier - 'sudo' => config[:sudo], - 'sudo_command' => config[:sudo_command], - 'host' => kitchen[:hostname], - 'port' => kitchen[:port], - 'user' => kitchen[:username], - 'keepalive' => kitchen[:keepalive], - 'keepalive_interval' => kitchen[:keepalive_interval], - 'connection_timeout' => kitchen[:timeout], - 'connection_retries' => kitchen[:connection_retries], - 'connection_retry_sleep' => kitchen[:connection_retry_sleep], - 'max_wait_until_ready' => kitchen[:max_wait_until_ready], - 'compression' => kitchen[:compression], - 'compression_level' => kitchen[:compression_level], - 'keys_only' => true, + "sudo" => config[:sudo], + "sudo_command" => config[:sudo_command], + "host" => kitchen[:hostname], + "port" => kitchen[:port], + "user" => kitchen[:username], + "keepalive" => kitchen[:keepalive], + "keepalive_interval" => kitchen[:keepalive_interval], + "connection_timeout" => kitchen[:timeout], + "connection_retries" => kitchen[:connection_retries], + "connection_retry_sleep" => kitchen[:connection_retry_sleep], + "max_wait_until_ready" => kitchen[:max_wait_until_ready], + "compression" => kitchen[:compression], + "compression_level" => kitchen[:compression_level], + "keys_only" => true, } - opts['key_files'] = kitchen[:keys] unless kitchen[:keys].nil? - opts['password'] = kitchen[:password] unless kitchen[:password].nil? + opts["key_files"] = kitchen[:keys] unless kitchen[:keys].nil? + opts["password"] = kitchen[:password] unless kitchen[:password].nil? opts end @@ -194,15 +194,15 @@ def runner_options_for_ssh(config_data) def runner_options_for_winrm(config_data) kitchen = instance.transport.send(:connection_options, config_data).dup opts = { - 'backend' => 'winrm', - 'logger' => logger, - 'host' => URI(kitchen[:endpoint]).hostname, - 'port' => URI(kitchen[:endpoint]).port, - 'user' => kitchen[:user], - 'password' => kitchen[:pass], - 'connection_retries' => kitchen[:connection_retries], - 'connection_retry_sleep' => kitchen[:connection_retry_sleep], - 'max_wait_until_ready' => kitchen[:max_wait_until_ready], + "backend" => "winrm", + "logger" => logger, + "host" => URI(kitchen[:endpoint]).hostname, + "port" => URI(kitchen[:endpoint]).port, + "user" => kitchen[:user], + "password" => kitchen[:pass], + "connection_retries" => kitchen[:connection_retries], + "connection_retry_sleep" => kitchen[:connection_retry_sleep], + "max_wait_until_ready" => kitchen[:max_wait_until_ready], } opts end @@ -218,13 +218,13 @@ def runner_options_for_docker(config_data) # - config_data[:data_container][:Id] : (hosts chef-client) # - config_data[:runner_container][:Id] : (the kitchen-container) opts = { - 'backend' => 'docker', - 'logger' => logger, - 'host' => config_data[:runner_container][:Id], - 'connection_timeout' => kitchen[:timeout], - 'connection_retries' => kitchen[:connection_retries], - 'connection_retry_sleep' => kitchen[:connection_retry_sleep], - 'max_wait_until_ready' => kitchen[:max_wait_until_ready], + "backend" => "docker", + "logger" => logger, + "host" => config_data[:runner_container][:Id], + "connection_timeout" => kitchen[:timeout], + "connection_retries" => kitchen[:connection_retries], + "connection_retry_sleep" => kitchen[:connection_retry_sleep], + "max_wait_until_ready" => kitchen[:max_wait_until_ready], } logger.debug "Connect to Container: #{opts['host']}" opts diff --git a/lib/kitchen/verifier/inspec_version.rb b/lib/kitchen/verifier/inspec_version.rb index 1112773..3d6fbc2 100644 --- a/lib/kitchen/verifier/inspec_version.rb +++ b/lib/kitchen/verifier/inspec_version.rb @@ -20,6 +20,6 @@ module Kitchen module Verifier # Version string for InSpec Kitchen verifier - INSPEC_VERSION = '0.15.0' + INSPEC_VERSION = "0.15.0" end end diff --git a/spec/kitchen/verifier/inspec_spec.rb b/spec/kitchen/verifier/inspec_spec.rb index d295a6b..d502526 100644 --- a/spec/kitchen/verifier/inspec_spec.rb +++ b/spec/kitchen/verifier/inspec_spec.rb @@ -17,52 +17,52 @@ # See the License for the specific language governing permissions and # limitations under the License. -require_relative '../../spec_helper' +require_relative "../../spec_helper" -require 'logger' +require "logger" -require 'kitchen/verifier/inspec' -require 'kitchen/transport/ssh' -require 'kitchen/transport/winrm' +require "kitchen/verifier/inspec" +require "kitchen/transport/ssh" +require "kitchen/transport/winrm" describe Kitchen::Verifier::Inspec do let(:logged_output) { StringIO.new } let(:logger) { Logger.new(logged_output) } - let(:config) { + let(:config) do { kitchen_root: kitchen_root, - test_base_path: File.join(kitchen_root, 'test', 'integration'), + test_base_path: File.join(kitchen_root, "test", "integration"), } - } + end let(:transport_config) { {} } let(:kitchen_root) { Dir.mktmpdir } let(:platform) do - instance_double('Kitchen::Platform', os_type: nil, shell_type: nil) + instance_double("Kitchen::Platform", os_type: nil, shell_type: nil) end let(:suite) do - instance_double('Kitchen::Suite', name: 'germany') + instance_double("Kitchen::Suite", name: "germany") end let(:transport) do instance_double( - 'Kitchen::Transport::Dummy', - name: 'wickedsauce', - diagnose: transport_config, + "Kitchen::Transport::Dummy", + name: "wickedsauce", + diagnose: transport_config ) end let(:instance) do instance_double( - 'Kitchen::Instance', - name: 'coolbeans', + "Kitchen::Instance", + name: "coolbeans", logger: logger, platform: platform, suite: suite, transport: transport, - to_str: 'instance', + to_str: "instance" ) end @@ -78,54 +78,54 @@ Kitchen::Verifier::Inspec.new(config).finalize_config!(instance) end - it 'verifier api_version is 1' do + it "verifier api_version is 1" do expect(verifier.diagnose_plugin[:api_version]).to eq(1) end - it 'plugin_version is set to Kitchen::Verifier::INSPEC_VERSION' do + it "plugin_version is set to Kitchen::Verifier::INSPEC_VERSION" do expect(verifier.diagnose_plugin[:version]) .to eq(Kitchen::Verifier::INSPEC_VERSION) end - describe 'configuration' do + describe "configuration" do # nothing yet, woah! end - describe '#finalize_config!' do - let(:kitchen_inspec_tests) { File.join(kitchen_root, 'test', 'recipes') } - context 'when a test/recipes folder exists' do + describe "#finalize_config!" do + let(:kitchen_inspec_tests) { File.join(kitchen_root, "test", "recipes") } + context "when a test/recipes folder exists" do before do FileUtils.mkdir_p(kitchen_inspec_tests) end - it 'should read the tests from there' do + it "should read the tests from there" do expect(verifier[:test_base_path]).to eq(kitchen_inspec_tests) end end - context 'when a test/recipes folder does not exist' do - it 'should read the tests from the default location' do - expect(verifier[:test_base_path]).to eq(File.join(kitchen_root, 'test', 'integration')) + context "when a test/recipes folder does not exist" do + it "should read the tests from the default location" do + expect(verifier[:test_base_path]).to eq(File.join(kitchen_root, "test", "integration")) end end end - context 'with an ssh transport' do + context "with an ssh transport" do let(:transport_config) do { - hostname: 'boogie', + hostname: "boogie", port: "I shouldn't be used", - username: 'dance', - ssh_key: '/backstage/pass', - keepalive: 'keepalive', - keepalive_interval: 'forever', - connection_timeout: 'nope', - connection_retries: 'thousand', - connection_retry_sleep: 'sleepy', + username: "dance", + ssh_key: "/backstage/pass", + keepalive: "keepalive", + keepalive_interval: "forever", + connection_timeout: "nope", + connection_retries: "thousand", + connection_retry_sleep: "sleepy", max_wait_until_ready: 42, - compression: 'maxyo', - compression_level: 'pico', + compression: "maxyo", + compression_level: "pico", } end @@ -134,7 +134,7 @@ end let(:runner) do - instance_double('Inspec::Runner') + instance_double("Inspec::Runner") end before do @@ -142,86 +142,86 @@ allow(runner).to receive(:run).and_return 0 end - it 'constructs a Inspec::Runner using transport config data and state' do - config[:sudo] = 'jellybeans' - config[:sudo_command] = 'allyourbase' + it "constructs a Inspec::Runner using transport config data and state" do + config[:sudo] = "jellybeans" + config[:sudo_command] = "allyourbase" expect(Inspec::Runner).to receive(:new) .with( hash_including( - 'backend' => 'ssh', - 'logger' => logger, - 'sudo' => 'jellybeans', - 'sudo_command' => 'allyourbase', - 'host' => 'boogie', - 'port' => 123, - 'user' => 'dance', - 'keepalive' => 'keepalive', - 'keepalive_interval' => 'forever', - 'connection_timeout' => 'nope', - 'connection_retries' => 'thousand', - 'connection_retry_sleep' => 'sleepy', - 'max_wait_until_ready' => 42, - 'compression' => 'maxyo', - 'compression_level' => 'pico', - 'key_files' => ['/backstage/pass'], - ), + "backend" => "ssh", + "logger" => logger, + "sudo" => "jellybeans", + "sudo_command" => "allyourbase", + "host" => "boogie", + "port" => 123, + "user" => "dance", + "keepalive" => "keepalive", + "keepalive_interval" => "forever", + "connection_timeout" => "nope", + "connection_retries" => "thousand", + "connection_retry_sleep" => "sleepy", + "max_wait_until_ready" => 42, + "compression" => "maxyo", + "compression_level" => "pico", + "key_files" => ["/backstage/pass"] + ) ) .and_return(runner) verifier.call(port: 123) end - it 'constructs an Inspec::Runner with a specified inspec output format' do - config[:format] = 'documentation' + it "constructs an Inspec::Runner with a specified inspec output format" do + config[:format] = "documentation" expect(Inspec::Runner).to receive(:new) .with( hash_including( - 'format' => 'documentation', - ), + "format" => "documentation" + ) ) .and_return(runner) verifier.call(port: 123) end - it 'find test directory for runner' do - ensure_suite_directory('germany') + it "find test directory for runner" do + ensure_suite_directory("germany") allow(Inspec::Runner).to receive(:new).and_return(runner) expect(runner).to receive(:add_target).with( File.join( config[:test_base_path], - 'germany', + "germany" ), anything) verifier.call({}) end - it 'find test directory for runner if legacy' do + it "find test directory for runner if legacy" do create_legacy_test_directories allow(Inspec::Runner).to receive(:new).and_return(runner) expect(runner).to receive(:add_target).with( File.join( config[:test_base_path], - 'germany', 'inspec' + "germany", "inspec" ), anything) verifier.call({}) end - it 'non-existent test directory for runner' do + it "non-existent test directory for runner" do allow(Inspec::Runner).to receive(:new).and_return(runner) expect(runner).to_not receive(:add_target).with( File.join( config[:test_base_path], - 'nobody', + "nobody" ), anything) verifier.call({}) end - it 'calls #run on the runner' do + it "calls #run on the runner" do allow(Inspec::Runner).to receive(:new).and_return(runner) expect(runner).to receive(:run) @@ -229,64 +229,64 @@ end end - context 'with an remote profile' do + context "with an remote profile" do let(:transport) do Kitchen::Transport::Ssh.new({}) end let(:runner) do - instance_double('Inspec::Runner') + instance_double("Inspec::Runner") end let(:suite) do - instance_double('Kitchen::Suite', { name: 'local' }) + instance_double("Kitchen::Suite", { name: "local" }) end let(:instance) do instance_double( - 'Kitchen::Instance', - name: 'coolbeans', + "Kitchen::Instance", + name: "coolbeans", logger: logger, platform: platform, suite: suite, transport: transport, - to_str: 'instance', + to_str: "instance" ) end - let(:config) { + let(:config) do { - inspec_tests: ['https://github.com/nathenharvey/tmp_compliance_profile'], + inspec_tests: ["https://github.com/nathenharvey/tmp_compliance_profile"], kitchen_root: kitchen_root, - test_base_path: File.join(kitchen_root, 'test', 'integration'), + test_base_path: File.join(kitchen_root, "test", "integration"), } - } + end before do allow(runner).to receive(:add_target) allow(runner).to receive(:run).and_return 0 end - it 'find test directory and remote profile' do - ensure_suite_directory('local') + it "find test directory and remote profile" do + ensure_suite_directory("local") allow(Inspec::Runner).to receive(:new).and_return(runner) expect(runner).to receive(:add_target).with( - File.join(config[:test_base_path], 'local'), anything) + File.join(config[:test_base_path], "local"), anything) expect(runner).to receive(:add_target).with( - 'https://github.com/nathenharvey/tmp_compliance_profile', anything) + "https://github.com/nathenharvey/tmp_compliance_profile", anything) verifier.call({}) end end - context 'with an winrm transport' do + context "with an winrm transport" do let(:transport_config) do { - username: 'dance', - password: 'party', - connection_retries: 'thousand', - connection_retry_sleep: 'sleepy', + username: "dance", + password: "party", + connection_retries: "thousand", + connection_retry_sleep: "sleepy", max_wait_until_ready: 42, } end @@ -296,7 +296,7 @@ end let(:runner) do - instance_double('Inspec::Runner') + instance_double("Inspec::Runner") end before do @@ -304,39 +304,39 @@ allow(runner).to receive(:run).and_return 0 end - it 'constructs a Inspec::Runner using transport config data and state' do + it "constructs a Inspec::Runner using transport config data and state" do expect(Inspec::Runner).to receive(:new) .with( hash_including( - 'backend' => 'winrm', - 'logger' => logger, - 'host' => 'win.dows', - 'port' => 123, - 'user' => 'dance', - 'password' => 'party', - 'connection_retries' => 'thousand', - 'connection_retry_sleep' => 'sleepy', - 'max_wait_until_ready' => 42, - 'color' => true, - ), + "backend" => "winrm", + "logger" => logger, + "host" => "win.dows", + "port" => 123, + "user" => "dance", + "password" => "party", + "connection_retries" => "thousand", + "connection_retry_sleep" => "sleepy", + "max_wait_until_ready" => 42, + "color" => true + ) ) .and_return(runner) - verifier.call(hostname: 'win.dows', port: 123) + verifier.call(hostname: "win.dows", port: 123) end end - context 'with an unsupported transport' do + context "with an unsupported transport" do - it '#call raises a UserError' do + it "#call raises a UserError" do expect { verifier.call({}) }.to raise_error(Kitchen::UserError) end end def create_legacy_test_directories - base = File.join(config[:test_base_path], 'germany') - FileUtils.mkdir_p(File.join(base, 'inspec')) - FileUtils.mkdir_p(File.join(base, 'serverspec')) + base = File.join(config[:test_base_path], "germany") + FileUtils.mkdir_p(File.join(base, "inspec")) + FileUtils.mkdir_p(File.join(base, "serverspec")) end def ensure_suite_directory(suitename) diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index baf8801..5c47d7b 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -16,18 +16,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -if ENV['CODECLIMATE_REPO_TOKEN'] - require 'codeclimate-test-reporter' +if ENV["CODECLIMATE_REPO_TOKEN"] + require "codeclimate-test-reporter" CodeClimate::TestReporter.start -elsif ENV['COVERAGE'] - require 'simplecov' - SimpleCov.profiles.define 'gem' do - command_name 'Specs' +elsif ENV["COVERAGE"] + require "simplecov" + SimpleCov.profiles.define "gem" do + command_name "Specs" - add_filter '.gem/' - add_filter '/spec/' + add_filter ".gem/" + add_filter "/spec/" - add_group 'Libraries', '/lib/' + add_group "Libraries", "/lib/" end - SimpleCov.start 'gem' + SimpleCov.start "gem" end diff --git a/test/cookbooks/os_prepare/metadata.rb b/test/cookbooks/os_prepare/metadata.rb index a874318..3800750 100644 --- a/test/cookbooks/os_prepare/metadata.rb +++ b/test/cookbooks/os_prepare/metadata.rb @@ -1,8 +1,8 @@ # encoding: utf-8 -name 'os_prepare' -maintainer 'Chef Software, Inc.' -maintainer_email 'support@chef.io' -description 'This cookbook prepares the test operating systems' -version '1.0.0' -depends 'apt' -depends 'yum' +name "os_prepare" +maintainer "Chef Software, Inc." +maintainer_email "support@chef.io" +description "This cookbook prepares the test operating systems" +version "1.0.0" +depends "apt" +depends "yum" diff --git a/test/integration/profile/controls/example.rb b/test/integration/profile/controls/example.rb index 1c39c3b..c3a2766 100644 --- a/test/integration/profile/controls/example.rb +++ b/test/integration/profile/controls/example.rb @@ -2,14 +2,14 @@ # copyright: 2015, Chef Software, Inc. # license: All rights reserved -title '/tmp profile' +title "/tmp profile" # you add controls here control "tmp-1.0" do # A unique ID for this control impact 0.7 # The criticality, if this control fails. title "Create /tmp directory" # A human-readable title desc "An optional description..." - describe file('/tmp') do # The actual test + describe file("/tmp") do # The actual test it { should be_directory } end end diff --git a/test/integration/profile/controls/gordon.rb b/test/integration/profile/controls/gordon.rb index 9d82a14..284ca03 100644 --- a/test/integration/profile/controls/gordon.rb +++ b/test/integration/profile/controls/gordon.rb @@ -2,13 +2,13 @@ # copyright: 2015, Chef Software, Inc. # license: All rights reserved -title 'Gordon Config Checks' +title "Gordon Config Checks" -control 'gordon-1.0' do +control "gordon-1.0" do impact 0.7 - title 'Verify the version number of Gordon' - desc 'An optional description...' + title "Verify the version number of Gordon" + desc "An optional description..." describe gordon_config do - its('version') { should eq('1.0') } + its("version") { should eq("1.0") } end end diff --git a/test/integration/profile/libraries/gordon_config.rb b/test/integration/profile/libraries/gordon_config.rb index a0ec78e..f07143b 100644 --- a/test/integration/profile/libraries/gordon_config.rb +++ b/test/integration/profile/libraries/gordon_config.rb @@ -1,6 +1,6 @@ class GordonConfig < Inspec.resource(1) - name 'gordon_config' + name "gordon_config" def version - '1.0' + "1.0" end end From 96f6796280da592a4ace8618340ee7746c38c731 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Fri, 19 Aug 2016 14:16:04 -0700 Subject: [PATCH 2/2] update readme markdown and add badges Signed-off-by: Tim Smith --- README.md | 52 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index f415114..faeb530 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,12 @@ # Kitchen::InSpec - A Test Kitchen Verifier for InSpec +[![Build Status Master](https://travis-ci.org/chef/kitchen-inspec.svg?branch=master)](https://travis-ci.org/chef/kitchen-inspec) [![Gem Version](https://badge.fury.io/rb/kitchen-inspec.svg)](https://badge.fury.io/rb/kitchen-inspec) + This is the kitchen driver for [InSpec](https://github.com/chef/inspec). To see the project in action, we have the following test-kitchen examples available: - - [Chef and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-chef) - - [Puppet and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-puppet) - - [Ansible and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-ansible) +- [Chef and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-chef) +- [Puppet and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-puppet) +- [Ansible and InSpec](https://github.com/chef/inspec/tree/master/examples/kitchen-ansible) ## Installation @@ -16,22 +18,28 @@ gem 'kitchen-inspec' And then execute: - $ bundle +```shell +$ bundle +``` Or install it yourself as: - $ gem install kitchen-inspec +```shell +$ gem install kitchen-inspec +``` ## Usage In your .kitchen.yml include -``` + +```yaml verifier: name: inspec ``` Optionally specify sudo and sudo_command -``` + +```yaml verifier: name: inspec sudo: true @@ -49,8 +57,8 @@ By default `kitchen-inspec` expects test to be in `test/integration/%suite%` dir ├── README.md ├── metadata.rb ├── recipes -│   ├── default.rb -│   └── nginx.rb +│ ├── default.rb +│ └── nginx.rb └── test └── integration └── default @@ -68,13 +76,13 @@ A complete profile is used here, including a custom inspec resource named `gordo ├── README.md ├── metadata.rb ├── recipes -│   ├── default.rb -│   └── nginx.rb +│ ├── default.rb +│ └── nginx.rb └── test └── integration └── default ├── controls - │   └── gordon.rb + │ └── gordon.rb ├── inspec.yml └── libraries └── gordon_config.rb @@ -91,8 +99,8 @@ If you need support with other testing frameworks, we recommend to place the tes ├── README.md ├── metadata.rb ├── recipes -│   ├── default.rb -│   └── nginx.rb +│ ├── default.rb +│ └── nginx.rb └── test └── integration └── default @@ -104,7 +112,7 @@ If you need support with other testing frameworks, we recommend to place the tes In case you want to reuse tests across multiple cookbooks, they should become an extra artifact independent of a Chef cookbook, call [InSpec profiles](https://github.com/chef/inspec/blob/master/docs/profiles.rst). Those can be easiliy added to existing local tests as demonstrated in previous sections. To include remote profiles, adapt the `verifier` attributes in `.kitchen.yml` -``` +```yaml suites: - name: default verifier: @@ -114,14 +122,14 @@ suites: `inspec_tests` accepts all values that `inspec exec profile` would expect. We support: -* local directory eg. `/path/to/profile` -* github url `https://github.com/dev-sec/tests-ssh-hardening` -* Chef Supermarket `supermarket://hardening/ssh-hardening` (list all available profiles with `inspec supermarket profiles`) -* Chef Compliance `compliance://base/ssh` +- local directory eg. `/path/to/profile` +- github url `https://github.com/dev-sec/tests-ssh-hardening` +- Chef Supermarket `supermarket://hardening/ssh-hardening` (list all available profiles with `inspec supermarket profiles`) +- Chef Compliance `compliance://base/ssh` The following example illustrates the usage in a `.kitchen.yml` -``` +```yaml suites: - name: contains_inspec run_list: @@ -162,10 +170,10 @@ To install this gem onto your local machine, run `bundle exec rake install`. To ## Contributing -Bug reports and pull requests are welcome on GitHub at https://github.com/chef/kitchen-inspec. +Bug reports and pull requests are welcome on GitHub at . ## License -Apache 2.0 (see [LICENSE][license]) +Apache 2.0 (see [LICENSE]) [license]: https://github.com/chef/kitchen-inspec/blob/master/LICENSE