Merge pull request #115 from cloudamatic/rpc_issue_100

Fixup inspec to use deploy ids instead of BOK
cloudamatic · Mar 14, 2018 · 3e1f6e4 · 3e1f6e4
2 parents d113faf + f240e07
commit 3e1f6e4
Show file tree

Hide file tree

Showing 6 changed files with 79 additions and 31 deletions.
diff --git a/test/exec_inspec.py b/test/exec_inspec.py
@@ -1,4 +1,4 @@
-#!/bin/python
+#!/bin/python/
 
 import os, argparse, json, subprocess, sys, re, glob, time, yaml
 
@@ -11,14 +11,14 @@
 parser.add_argument('-l', action='store_true',help='Local Mode')
 # Required inspec profile name
 parser.add_argument('-p', type=str,help='Inspec Profile name')
-# Required bok name
-parser.add_argument('-b', type=str,help='BOK Path')
+# Required deployment name
+parser.add_argument('-d', type=str,help='Deployment ID')
 
 args = parser.parse_args()
 
 print "Local Mode: %s" % args.l
 print "Inspec Profile: %s" % args.p
-print "BOK Name: %s" % args.b
+print "Deployment ID: %s" % args.d
 
 if args.l:
   workspace = '/opt/mu/lib'
@@ -28,7 +28,14 @@
 
 test = workspace+'/test'
 
-
+def check_deploy_id(deploy_dir):
+  abs_path=deploy_dirs + '/' + deploy_dir
+  if os.path.isdir(abs_path):
+    print "Checking the deployment located in %s" % abs_path
+    return deploy_dir
+  else:
+    print "There is no deployment by the name of %s" % abs_path
+    exit()
 
 def base_controls():
   return ['base_repositories', 'set_mu_hostname', 'disable-requiretty', 'set_local_fw', 'rsyslog', 'nrpe']
@@ -47,30 +54,6 @@ def rebuild_inspec_lock(which_profile):
     os.chdir(workspace+'/test/'+which_profile)
     os.system('inspec vendor --overwrite')
 
-
-
-## In terms of scaling, this is not ideal... Maybe 
-## we should consider saving the deploy output to a file with time_stamp in /tmp
-## and then parse out the deploy_id from stdout 
-def get_deploy_id(bok, all_boks=workspace+'/demo'):
-  partial_dep_name = None
-  deploy_id = None
-  yml_file = open(all_boks+'/'+bok, 'r')
-  for each_line in yml_file.readlines():
-    line = each_line.splitlines()
-    for each in line:
-      stripped =  each.strip()
-      if 'appname:' in stripped:
-        print stripped
-        partial_dep_name = stripped.split()[1].upper()+'-DEV'
-        break
-
-  os.chdir(deploy_dirs)
-  for dirs in glob.glob(partial_dep_name+'*'):
-    deploy_id = dirs
-    break
-  return deploy_id
-
 
 ### Inorder to properly trigger inspec exec
 ### Need to wait for each server_name_done.txt file to exist in deploy_id dir.
@@ -220,11 +203,10 @@ def run_linux_tests(profile, ssh, ssh_file, all_controls):
 
 
 inspec_retry_dir = '/tmp/inspec_retries'
-bok_name = args.b
 profile = get_profile()
 rebuild_inspec_lock(profile)
 os.chdir(workspace)
-deploy_id = get_deploy_id(bok_name)
+deploy_id = check_deploy_id(args.d)
 server_or_pools = server_or_server_pools(deploy_id)
 if server_or_pools == 'server_pools':
   wait_till_groomed(deploy_id, 5)

diff --git a/test/simple-server-php-test/README.md b/test/simple-server-php-test/README.md
@@ -0,0 +1,3 @@
+# Example InSpec Profile
+
+This example shows the implementation of an InSpec profile.
diff --git a/test/simple-server-php-test/controls/apachephp.rb b/test/simple-server-php-test/controls/apachephp.rb
@@ -0,0 +1,25 @@
+include_controls 'mu-tools-test'
+node =json('/tmp/chef_node.json').params
+control 'apache' do
+    title 'This will test apache2 recipe'
+	  %w(apache2 apache2-bin apache2-data apache2-utils).each do |pack|
+      describe package(pack) do
+        it { should be_installed }
+      end
+    end
+
+  	describe service('apache2') do
+	    it { should be_installed }
+	    it { should be_enabled }
+	    it { should be_running }
+    end
+end
+
+control 'php' do 
+  title 'This will test the php recipe'
+	%w(php7.0).each do |pack|
+    describe package(pack) do
+      it { should be_installed }
+    end
+  end
+end
diff --git a/test/simple-server-php-test/controls/example.rb b/test/simple-server-php-test/controls/example.rb
@@ -0,0 +1,19 @@
+# encoding: utf-8
+# copyright: 2018, The Authors
+
+title 'sample section'
+
+# you can also use plain tests
+describe file('/tmp') do
+  it { should be_directory }
+end
+
+# you add controls here
+control 'tmp-1.0' do                        # A unique ID for this control
+  impact 0.7                                # The criticality, if this control fails.
+  title 'Create /tmp directory'             # A human-readable title
+  desc 'An optional description...'
+  describe file('/tmp') do                  # The actual test
+    it { should be_directory }
+  end
+end
diff --git a/test/simple-server-php-test/inspec.lock b/test/simple-server-php-test/inspec.lock
@@ -0,0 +1,7 @@
+---
+lockfile_version: 1
+depends:
+- name: mu-tools-test
+  resolved_source:
+    path: "/opt/mu/lib/test/mu-tools-test"
+  version_constraints: "[]"
diff --git a/test/simple-server-php-test/inspec.yml b/test/simple-server-php-test/inspec.yml
@@ -0,0 +1,12 @@
+name: simple-server-php-test
+title: InSpec Profile
+maintainer: The Authors
+copyright: The Authors
+copyright_email: [email protected]
+license: Apache-2.0
+summary: An InSpec Compliance Profile
+version: 0.1.0
+depends:
+- name: mu-tools-test
+  path: ../mu-tools-test
+
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Example InSpec Profile

		This example shows the implementation of an InSpec profile.