Upload profiles to Chef Compliance via Chef resource #122
Conversation
vjeffrey
force-pushed
the
vj/upload-profiles
branch
5 times, most recently
from
d4cc042 to
5fd0cda
Compare
vjeffrey
force-pushed
the
vj/upload-profiles
branch
from
5fd0cda to
96bf8f9
Compare
| require 'bundles/inspec-compliance/api' | ||
| require 'bundles/inspec-compliance/target' | ||
| _success, msg, access_token = Compliance::API.get_token_via_refresh_token(server, refresh_token, true) | ||
|
|
There was a problem hiding this comment.
The access_token (and inspec lib namespaces) will also be required when sending reports directly to Compliance so the all the lib requires should probably be moved in this resource so that it's as DRY as possible.
There was a problem hiding this comment.
This was solved in the past since there was a compliance library (libraries/compliance.rb). All libraries get compiled and automatically included in the cookbook resources. That would perhaps be a decent place for all the requires and the compliance API methods.
|
|
||
| # upload profile | ||
| inspec p do | ||
| profile_name p |
There was a problem hiding this comment.
inspec p do
profile_name p
This feels a little strange to me since the resource is inspec - to me that would on the surface mean that it controls the installation and configuration of inspec (gem/tools). This might just be pernickety, but mixing in inspec profiles uploads might make more sense in a separate resource perhaps.
vjeffrey
force-pushed
the
vj/upload-profiles
branch
from
3abc6f0 to
6d24826
Compare
|
@vjeffrey Do you intend to add the upload example to our example directory? |
There was a problem hiding this comment.
I like the simple wrapper for the cookbook that reuses all the InSpec core functionality. Awesome @vjeffrey Just added a minor questions.
| raise "Profile archive file #{path} does not exist." unless ::File.exist?(path) | ||
| profile = Inspec::Profile.for_target(path, {}) | ||
| error_count = 0 | ||
| lambda { |msg| |
There was a problem hiding this comment.
Is this lamda used somewhere?
There was a problem hiding this comment.
Would be great to tie this warnings and errors to Chef::Log.error and Chef::Log.warn
There was a problem hiding this comment.
i think that lambda was just cruft leftover. i'll remove and test in a bit. oh ya, good point on the errors. i'll go through and update those! :)
vjeffrey
force-pushed
the
vj/upload-profiles
branch
5 times, most recently
from
495ad10 to
fa964ed
Compare
Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io>
Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io>
Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io>
vjeffrey
force-pushed
the
vj/upload-profiles
branch
from
fa964ed to
9e8d8bf
Compare
| @@ -0,0 +1,107 @@ | |||
| # Put files/directories that should be ignored in this file when uploading | |||
Signed-off-by: Victoria Jeffrey <vjeffrey@chef.io>
vjeffrey
force-pushed
the
vj/upload-profiles
branch
from
9e8d8bf to
65a2779
Compare
|
@chris-rock: updated! |
chris-rock
changed the title
tada! it works @chris-rock .....i have a bunch of requires in the inspec resource....not sure how to get around that?
using this to test it: https://github.com/vjeffrey/testing-audit