Class: Compliance::ComplianceCLI

Inherits:

Inspec::BaseCLI

• Object
• Thor
• Inspec::BaseCLI
• Compliance::ComplianceCLI

Defined in:

lib/bundles/inspec-compliance/cli.rb

Overview

rubocop:disable Metrics/ClassLength

Instance Method Summary

• #exec(*tests) ⇒ Object
• #login(server) ⇒ Object
• #logout ⇒ Object
• #profiles ⇒ Object
• #upload(path) ⇒ Object

  rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity.

• #version ⇒ Object

Methods inherited from Inspec::BaseCLI

exec_options, profile_options, target_options

Instance Method Details

#exec(*tests) ⇒ Object

# File 'lib/bundles/inspec-compliance/cli.rb', line 43

def exec(*tests)
  # iterate over tests and add compliance scheme
  tests = tests.map { |t| 'compliance://' + t }

  # execute profile from inspec exec implementation
  diagnose
  run_tests(tests, opts)
end

#login(server) ⇒ Object

# File 'lib/bundles/inspec-compliance/cli.rb', line 18

def login(server)
  success, msg = Compliance::API.login(server, options['user'], options['password'], options['insecure'])
  if success
    puts 'Successfully authenticated'
  else
    puts msg
  end
end

#logout ⇒ Object

# File 'lib/bundles/inspec-compliance/cli.rb', line 134

def logout
  if Compliance::API.logout
    puts 'Successfully logged out'
  else
    puts 'Could not log out'
  end
end

#profiles ⇒ Object

# File 'lib/bundles/inspec-compliance/cli.rb', line 28

def profiles
  profiles = Compliance::API.profiles
  if !profiles.empty?
    # iterate over profiles
    headline('Available profiles:')
    profiles.each { |profile|
      li("#{profile[:org]}/#{profile[:name]}")
    }
  else
    puts 'Could not find any profiles'
  end
end

#upload(path) ⇒ Object

rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity

# File 'lib/bundles/inspec-compliance/cli.rb', line 55

def upload(path) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity
  o = options.dup
  configure_logger(o)
  # check the profile, we only allow to upload valid profiles
  profile = Inspec::Profile.for_target(path, o)

  # start verification process
  error_count = 0
  error = lambda { |msg|
    error_count += 1
    puts msg
  }

  result = profile.check
  unless result[:summary][:valid]
    error.call('Profile check failed. Please fix the profile before upload.')
  else
    puts('Profile is valid')
  end

  # determine user information
  config = Compliance::Configuration.new
  if config['token'].nil? || config['user'].nil?
    error.call('Please login via `inspec compliance login`')
  end

  # owner
  owner = config['user']
  # read profile name from inspec.yml
  profile_name = profile.params[:name]

  # check that the profile is not uploaded already,
  # confirm upload to the user (overwrite with --force)
  if Compliance::API.exist?("#{owner}/#{profile_name}") && !options['overwrite']
    error.call('Profile exists on the server, use --overwrite')
  end

  # abort if we found an error
  if error_count > 0
    puts "Found #{error_count} error(s)"
    exit 1
  end

  # if it is a directory, tar it to tmp directory
  if File.directory?(path)
    file = Tempfile.new([profile_name, '.tar.gz'])
    archive_path = file.path
    puts "Generate temporary profile archive at #{archive_path}"
    profile.archive({ archive: archive_path, ignore_errors: false, overwrite: true })
  else
    archive_path = path
  end

  puts "Start upload to #{owner}/#{profile_name}"

  # upload the tar to Chef Compliance
  url = "#{config['server']}/owners/#{owner}/compliance/#{profile_name}/tar"

  puts "Uploading to #{url}"
  success, msg = Compliance::API.post_file(url, config['token'], '', archive_path, config['insecure'])
  if success
    puts 'Successfully uploaded profile'
  else
    puts 'Error during profile upload:'
    puts msg
  end
end

#version ⇒ Object

# File 'lib/bundles/inspec-compliance/cli.rb', line 124

def version
  info = Compliance::API.version
  if !info.nil? && info['version']
    puts "Chef Compliance version: #{info['version']}"
  else
    puts 'Could not determine server version.'
  end
end