Class: Compliance::ComplianceCLI
- Inherits:
-
Inspec::BaseCLI
- Object
- Thor
- Inspec::BaseCLI
- Compliance::ComplianceCLI
- Defined in:
- lib/bundles/inspec-compliance/cli.rb
Overview
rubocop:disable Metrics/ClassLength
Class Method Summary collapse
-
.banner(command, _namespace = nil, _subcommand = false) ⇒ Object
TODO: find another solution, once github.com/erikhuda/thor/issues/261 is fixed.
- .subcommand_prefix ⇒ Object
Instance Method Summary collapse
- #exec(*tests) ⇒ Object
-
#login(server) ⇒ Object
rubocop:disable Metrics/AbcSize.
- #logout ⇒ Object
- #profiles ⇒ Object
-
#upload(path) ⇒ Object
rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity, Metrics/CyclomaticComplexity.
- #version ⇒ Object
Methods inherited from Inspec::BaseCLI
exec_options, profile_options, target_options
Class Method Details
.banner(command, _namespace = nil, _subcommand = false) ⇒ Object
TODO: find another solution, once github.com/erikhuda/thor/issues/261 is fixed
13 14 15 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 13 def self.(command, _namespace = nil, _subcommand = false) "#{basename} #{subcommand_prefix} #{command.usage}" end |
.subcommand_prefix ⇒ Object
17 18 19 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 17 def self.subcommand_prefix namespace end |
Instance Method Details
#exec(*tests) ⇒ Object
79 80 81 82 83 84 85 86 87 88 89 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 79 def exec(*tests) config = Compliance::Configuration.new return if !loggedin(config) # iterate over tests and add compliance scheme tests = tests.map { |t| 'compliance://' + t } # execute profile from inspec exec implementation diagnose run_tests(tests, opts) end |
#login(server) ⇒ Object
rubocop:disable Metrics/AbcSize
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 34 def login(server) # rubocop:disable Metrics/AbcSize # show warning if the Compliance Server does not support ['server'] = server url = ['server'] + ['apipath'] if !['user'].nil? && !['password'].nil? # username / password _success, msg = login_username_password(url, ['user'], ['password'], ['insecure']) elsif !['user'].nil? && !['token'].nil? # access token _success, msg = store_access_token(url, ['user'], ['token'], ['insecure']) elsif !['refresh_token'].nil? && !['user'].nil? # refresh token _success, msg = store_refresh_token(url, ['refresh_token'], true, ['user'], ['insecure']) # TODO: we should login with the refreshtoken here elsif !['refresh_token'].nil? _success, msg = login_refreshtoken(url, ) else puts 'Please run `inspec compliance login SERVER` with options --token or --refresh_token, --user, and --insecure or --not-insecure' exit 1 end puts '', msg end |
#logout ⇒ Object
182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 182 def logout config = Compliance::Configuration.new unless config.supported?(:oidc) || config['token'].nil? config = Compliance::Configuration.new url = "#{config['server']}/logout" Compliance::API.post(url, config['token'], config['insecure'], !config.supported?(:oidc)) end success = config.destroy if success puts 'Successfully logged out' else puts 'Could not log out' end end |
#profiles ⇒ Object
60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 60 def profiles config = Compliance::Configuration.new return if !loggedin(config) msg, profiles = Compliance::API.profiles(config) if !profiles.empty? # iterate over profiles headline('Available profiles:') profiles.each { |profile| li("#{profile[:org]}/#{profile[:name]}") } else puts msg, 'Could not find any profiles' exit 1 end end |
#upload(path) ⇒ Object
rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity, Metrics/CyclomaticComplexity
94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 94 def upload(path) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, PerceivedComplexity, Metrics/CyclomaticComplexity config = Compliance::Configuration.new return if !loggedin(config) unless File.exist?(path) puts "Directory #{path} does not exist." exit 1 end o = .dup configure_logger(o) # check the profile, we only allow to upload valid profiles profile = Inspec::Profile.for_target(path, o) # start verification process error_count = 0 error = lambda { |msg| error_count += 1 puts msg } result = profile.check unless result[:summary][:valid] error.call('Profile check failed. Please fix the profile before upload.') else puts('Profile is valid') end # determine user information if config['token'].nil? || config['user'].nil? error.call('Please login via `inspec compliance login`') end # owner owner = config['user'] # read profile name from inspec.yml profile_name = profile.params[:name] # check that the profile is not uploaded already, # confirm upload to the user (overwrite with --force) if Compliance::API.exist?(config, "#{owner}/#{profile_name}") && !['overwrite'] error.call('Profile exists on the server, use --overwrite') end # abort if we found an error if error_count > 0 puts "Found #{error_count} error(s)" exit 1 end # if it is a directory, tar it to tmp directory if File.directory?(path) archive_path = Dir::Tmpname.create([profile_name, '.tar.gz']) {} # archive_path = file.path puts "Generate temporary profile archive at #{archive_path}" profile.archive({ output: archive_path, ignore_errors: false, overwrite: true }) else archive_path = path end puts "Start upload to #{owner}/#{profile_name}" pname = ERB::Util.url_encode(profile_name) puts 'Uploading to Chef Compliance' success, msg = Compliance::API.upload(config, owner, pname, archive_path) if success puts 'Successfully uploaded profile' else puts 'Error during profile upload:' puts msg exit 1 end end |
#version ⇒ Object
170 171 172 173 174 175 176 177 178 179 |
# File 'lib/bundles/inspec-compliance/cli.rb', line 170 def version config = Compliance::Configuration.new info = Compliance::API.version(config['server'], config['insecure']) if !info.nil? && info['version'] puts "Chef Compliance version: #{info['version']}" else puts 'Could not determine server version.' exit 1 end end |