Class: InspecPlugins::CloudFormation::Input

Inherits:

Object

• Object
• InspecPlugins::CloudFormation::Input

Defined in:

lib/inspec-cloudformation/input.rb

Instance Attribute Summary

• #input_name ⇒ Object readonly

  Returns the value of attribute input_name.

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

• #plugin_conf ⇒ Object readonly

  VALID_PATTERNS = [ Regexp.new(“^databag:///[^/]/.$“), Regexp.new(“^node://*/attributes/.$”), ].freeze.

• #priority ⇒ Object readonly

  Returns the value of attribute priority.

Instance Method Summary

• #default_priority ⇒ Object

  What priority should an input value recieve from us? This plgin does not currently allow setting this on a per-input basis, so they all recieve the same “default” value.

• #fetch(profile_name, input_name) ⇒ Object
• #initialize ⇒ Input constructor

  A new instance of Input.

Constructor Details

#initialize ⇒ Input

# File 'lib/inspec-cloudformation/input.rb', line 18

def initialize
  @plugin_conf = Inspec::Config.cached.fetch_plugin_config("inspec-cloudformation")

  @logger = Inspec::Log
  logger.debug format("inspec-cloudformation plugin version %s", VERSION)

  # @mount_point = fetch_plugin_setting("mount_point", "secret")
  # @path_prefix = fetch_plugin_setting("path_prefix", "inspec")

  # We need priority to be numeric; even though env vars or JSON may present it as string - hence the to_i
  @priority = fetch_plugin_setting("priority", 60).to_i


end

Instance Attribute Details

#input_name ⇒ Object (readonly)

Returns the value of attribute input_name.

# File 'lib/inspec-cloudformation/input.rb', line 15

def input_name
  @input_name
end

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/inspec-cloudformation/input.rb', line 16

def logger
  @logger
end

#plugin_conf ⇒ Object (readonly)

VALID_PATTERNS = [

Regexp.new("^databag://[^/]+/[^/]+/.+$"),
Regexp.new("^node://[^/]*/attributes/.+$"),

].freeze

# File 'lib/inspec-cloudformation/input.rb', line 13

def plugin_conf
  @plugin_conf
end

#priority ⇒ Object (readonly)

Returns the value of attribute priority.

# File 'lib/inspec-cloudformation/input.rb', line 14

def priority
  @priority
end

Instance Method Details

#default_priority ⇒ Object

What priority should an input value recieve from us? This plgin does not currently allow setting this on a per-input basis, so they all recieve the same “default” value. Implements github.com/inspec/inspec/blob/master/dev-docs/plugins.md#default_priority

# File 'lib/inspec-cloudformation/input.rb', line 37

def default_priority
  priority
end

#fetch(profile_name, input_name) ⇒ Object

# File 'lib/inspec-cloudformation/input.rb', line 41

def fetch(profile_name, input_name)
  # skip any input name that is an invalid cloudformation stack name to keep things quick...no need to make the AWS API call.
  return nil if input_name.include?('_')
  return nil unless input_name.include?('/')

  # input format will be "cloudformation stack name / output name"
  stack_name = input_name.split('/').first
  output_name = input_name.split('/').last

  logger.debug format("The stack name is  %s", stack_name)
  logger.debug format("The output name is  %s", output_name)

  cf = Aws::CloudFormation::Client.new

  name = { stack_name: stack_name }
  resp = cf.describe_stacks(name)
  return nil if resp.stacks.nil? || resp.stacks.empty?
  stack = resp.stacks.first
  stack.outputs.each do |output|
      next unless output['output_key'] == output_name
      return output['output_value']
  end

  # if no CloudFormation output found
  return nil
end