Class: Cloudspin::Stack::Rake::InspecTask

Inherits:
Rake::TaskLib
  • Object
show all
Defined in:
lib/cloudspin/stack/rake/inspec_task.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(stack_instance:, inspec_folder: './test/inspec', work_folder: nil, inspec_target: nil, inspec_parameters: {}) ⇒ InspecTask

Returns a new instance of InspecTask.



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 13

def initialize(stack_instance:,
               inspec_folder: './test/inspec',
               work_folder: nil,
               inspec_target: nil,
               inspec_parameters: {})
  @stack_instance = stack_instance
  @stack_instance_id = stack_instance.id
  @inspec_target = inspec_target || inspec_target_for_aws
  @inspec_parameters = default_parameters.merge(inspec_parameters)

  @work_folder = work_folder || @stack_instance.working_folder
  @inspec_folder = inspec_folder
  if Dir.exists?(inspec_folder)
    define
  else
    puts "No directory found: #{inspec_folder}"
  end
end

Instance Attribute Details

#inspec_folderObject (readonly)

Returns the value of attribute inspec_folder.



9
10
11
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 9

def inspec_folder
  @inspec_folder
end

#inspec_parametersObject (readonly)

Returns the value of attribute inspec_parameters.



11
12
13
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 11

def inspec_parameters
  @inspec_parameters
end

#inspec_targetObject (readonly)

Returns the value of attribute inspec_target.



10
11
12
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 10

def inspec_target
  @inspec_target
end

#stack_instance_idObject (readonly)

Returns the value of attribute stack_instance_id.



7
8
9
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 7

def stack_instance_id
  @stack_instance_id
end

#work_folderObject (readonly)

Returns the value of attribute work_folder.



8
9
10
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 8

def work_folder
  @work_folder
end

Instance Method Details

#build_attributes_fileObject 



50
51
52
53
54
55
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 50

def build_attributes_file
  ensure_path(inspec_attributes_file)
  File.open(inspec_attributes_file, 'w') {|f|
    f.write(inspec_parameters.to_yaml)
  }
end

#default_parametersObject 



46
47
48
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 46

def default_parameters
  @stack_instance.parameter_values.merge(@stack_instance.resource_values).merge({ 'instance_identifier' => @stack_instance.id })
end

#defineObject 



38
39
40
41
42
43
44
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 38

def define
  desc 'Run inspec tests'
  task :inspec do |t, args|
    build_attributes_file
    run_inspec_profile
  end
end

#ensure_path(file_path) ⇒ Object 



61
62
63
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 61

def ensure_path(file_path)
  mkpath(File.dirname(file_path))
end

#inspec_attributes_fileObject 



57
58
59
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 57

def inspec_attributes_file
  "#{work_folder}/inspec/attributes-for-stack-#{stack_instance_id}.yml"
end

#inspec_command(inspec_profile_subfolder) ⇒ Object 



76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 76

def inspec_command(inspec_profile_subfolder)
  command_parts = [
    'inspec',
    'exec',
    "#{@inspec_folder}/#{inspec_profile_subfolder}",
    '--attrs',
    inspec_attributes_file,
    '--reporter',
    "json-rspec:#{inspec_profile_results_file(inspec_profile_name(inspec_profile_subfolder))}",
    'cli']

  command_parts << ['-t', inspec_target] if inspec_target
  command_parts.join(' ')
end

#inspec_profile_name(subfolder_name) ⇒ Object 



95
96
97
98
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 95

def inspec_profile_name(subfolder_name)
  profile_spec = YAML.load_file("#{@inspec_folder}/#{subfolder_name}/inspec.yml") || {}
  profile_spec['name'] || 'default'
end

#inspec_profile_results_file(profile_name) ⇒ Object 



91
92
93
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 91

def inspec_profile_results_file(profile_name)
  "#{work_folder}/inspec/results-for-stack-#{stack_instance_id}-profile-#{profile_name}.json"
end

#inspec_profiles_in(folder) ⇒ Object 



100
101
102
103
104
105
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 100

def inspec_profiles_in(folder)
  Dir.entries(folder).select { |possible_profile|
    possible_profile != '..' &&
      File.exists?("#{folder}/#{possible_profile}/inspec.yml")
  }
end

#inspec_target_for_awsObject 



32
33
34
35
36
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 32

def inspec_target_for_aws
  aws_region = @stack_instance.parameter_values['region']
  aws_profile = @stack_instance.resource_values['assume_role_profile']
  "aws://#{aws_region}/#{aws_profile}"
end

#run_inspec_profileObject 



65
66
67
68
69
70
71
72
73
74
 
# File 'lib/cloudspin/stack/rake/inspec_task.rb', line 65

def run_inspec_profile
  puts "Run inspec"
  inspec_profiles_in(@inspec_folder).each { |inspec_profile_subfolder|
    cmd = inspec_command(inspec_profile_subfolder)
    puts cmd
    return if system(cmd)
    $stderr.puts "#{cmd} failed"
    exit $?.exitstatus || 1
  }
end