Remove deprecated examples using Array of Hashes

Due to #328 we must update the README.md to remove references to the Array of Hashes syntax. ```ruby default['audit']['profiles'] = [] default['audit']['profiles'].push( name: 'example', compliance: 'admin/example' ) ``` becomes ```ruby default['audit']['profiles'] = {} default['audit']['profiles']['example'] = { compliance: 'admin/example' } ``` Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
chef-boneyard · Sep 18, 2019 · 30e2771 · 30e2771
1 parent aafd15d
commit 30e2771
Showing 1 changed file with 41 additions and 86 deletions.
diff --git a/README.md b/README.md
@@ -93,60 +93,32 @@ Note on AIX Support:
 
 ### Configure node
 
-Once the cookbook is available in Chef Server, you need to add the `audit::default` recipe to the run-list of each node. The profiles are selected using the `node['audit']['profiles']` attribute. A list of example configurations are documented in [Supported Configurations](docs/supported_configuration.md). Below are some other examples:
+Once the cookbook is available in Chef Server, you need to add the `audit::default` recipe to the run-list of each node (or, preferably create a wrapper cookbook). The profiles are selected using the `node['audit']['profiles']` attribute. A list of example configurations are documented in [Supported Configurations](docs/supported_configuration.md). Below is another example demonstrating the different locations profiles can be "fetched" from:
 
-```ruby
-default['audit']['reporter'] = 'chef-server-automate'
-default['audit']['fetcher'] = 'chef-server'
+```rubydefault['audit']['profiles']['linux'] = {
+  'compliance': 'base/linux'
+}
 
-# You may use an array of hashes (shown here) or hash of hashes (shown below)
-default['audit']['profiles'].push(
-    # Profile from Chef Automate
-    {
-      'name': 'linux',
-      'compliance': 'base/linux'
-    },
-    # Profile from Chef Automate at a particular version
-    {
-      'name': 'linux-baseline',
-      'compliance': 'user/linux-baseline',
-      'version': '2.1.0'
-    },
-    # Profile from Supermarket
-    # note: Artifactory's Supermarket implementation—"Chef Cookbook repository"—does not support InSpec compliance profiles at this time
-    {
-      'name': 'ssh',
-      'supermarket': 'hardening/ssh-hardening'
-    },
-    # Profile from local Windows path
-    {
-      'name': 'brewinc/win2012_audit',
-      # filesystem path
-      'path': 'E:/profiles/win2012_audit'
-    },
-    # Profile from GitHub
-    {
-      'name': 'ssl',
-      'git': 'https://github.com/dev-sec/ssl-benchmark.git'
-    },
-    # Profile from URL
-    {
-      'name': 'ssh',
-      'url': 'https://github.com/dev-sec/tests-ssh-hardening/archive/master.zip'
-    }
-)
-```
+default['audit']['profiles']['linux-baseline'] = {
+  'compliance': 'user/linux-baseline',
+  'version': '2.1.0'
+}
 
-You may prefer to use hashes for your `node['audit']['profiles']` when you are merging attributes from multiple sources. Policyfiles do not merge arrays and in the case of Policyfiles with includes you will be able to append additional profiles with each Policyfile.
+default['audit']['profiles']['ssh'] = {
+  'supermarket': 'hardening/ssh-hardening'
+}
 
-```ruby
-# Hash of hashes, works with Policyfile includes
-default['audit']['profiles']['linux'] = { 'compliance': 'base/linux' }
-default['audit']['profiles']['linux-baseline'] = { 'compliance': 'user/linux-baseline', 'version': '2.1.0' }
-default['audit']['profiles']['ssh'] = { 'supermarket': 'hardening/ssh-hardening' }
-default['audit']['profiles']['brewinc/win2012_audit'] = { 'path': 'E:/profiles/win2012_audit' }
-default['audit']['profiles']['ssl'] = { 'git': 'https://github.com/dev-sec/ssl-benchmark.git' }
-default['audit']['profiles']['ssh2'] = { 'url': 'https://github.com/dev-sec/tests-ssh-hardening/archive/master.zip' }
+default['audit']['profiles']['brewinc/win2012_audit'] = {
+  'path': 'E:/profiles/win2012_audit'
+}
+
+default['audit']['profiles']['ssl'] = {
+  'git': 'https://github.com/dev-sec/ssl-benchmark.git'
+}
+
+default['audit']['profiles']['ssh2'] = {
+  'url': 'https://github.com/dev-sec/tests-ssh-hardening/archive/master.zip'
+}
 ```
 
 #### Attributes
@@ -155,7 +127,7 @@ You can also pass in [InSpec Attributes](https://www.inspec.io/docs/reference/pr
 
 ```ruby
 default['audit']['attributes'] = {
-  first_attribute: 'some vaule',
+  first_attribute: 'some value',
   second_attribute: 'another value',
 }
 ```
@@ -175,12 +147,9 @@ Attributes example of fetching from Automate, reporting to Automate both via Che
 ```ruby
 default['audit']['reporter'] = 'chef-server-automate'
 default['audit']['fetcher'] = 'chef-server'
-default['audit']['profiles'].push(
-  {
-    'name': 'my-profile',
-    'compliance': 'john/my-profile'
-  }
-)
+default['audit']['profiles']['my-profile'] = {
+  'compliance': 'john/my-profile'
+}
 ```
 
 #### Direct reporting to Chef Automate
@@ -193,12 +162,9 @@ This method sends the report using the `data_collector.server_url` and `data_col
 
 ```ruby
 default['audit']['reporter'] = 'chef-automate'
-default['audit']['profiles'].push(
-  {
-    'name': 'brewinc/tmp_compliance_profile',
-    'url': 'https://github.com/nathenharvey/tmp_compliance_profile'
-  }
-)
+default['audit']['profiles']['tmp_compliance_profile'] = {
+  'url': 'https://github.com/nathenharvey/tmp_compliance_profile'
+}
 ```
 
 If you are using a self-signed certificate, please also read [how to add the Chef Automate certificate to the trusted_certs directory](https://docs.chef.io/data_collection_without_server.html#add-chef-automate-certificate-to-trusted-certs-directory)
@@ -227,12 +193,9 @@ To write the report to a file on disk, simply set the `reporter` to 'json-file'
 
 ```ruby
 default['audit']['reporter'] = 'json-file'
-default['audit']['profiles'].push(
-  {
-    'name': 'admin/ssh2',
-    'path': '/some/base_ssh.tar.gz'
-  }
-)
+default['audit']['profiles']['ssh2'] = {
+  'path': '/some/base_ssh.tar.gz'
+}
 ```
 
 The resulting file will be written to `node['audit']['json_file']['location']` which defaults to
@@ -262,11 +225,9 @@ for each one.  For example, to report to Chef Automate and write to json file on
 
 ```ruby
 default['audit']['reporter'] = ['chef-server-automate', 'json-file']
-default['audit']['profiles'].push(
-  {
-    'name': 'windows',
-    'compliance': 'base/windows'
-  }
+default['audit']['profiles']['windows'] = {
+  'compliance': 'base/windows'
+}
 )
 ```
 
@@ -281,12 +242,9 @@ This allows the audit cookbook to fetch profiles stored in Chef Automate. For ex
 ```ruby
 default['audit']['reporter'] = 'chef-server-automate'
 default['audit']['fetcher'] = 'chef-server'
-default['audit']['profiles'].push(
-  {
-    'name': 'ssh',
-    'compliance': 'base/ssh'
-  }
-)
+default['audit']['profiles']['ssh'] = {
+  'compliance': 'base/ssh'
+}
 ```
 
 #### Fetch profiles directly from Chef Automate
@@ -296,12 +254,9 @@ This method fetches profiles using the `data_collector.server_url` and `data_col
 ```ruby
 default['audit']['reporter'] = 'chef-automate'
 default['audit']['fetcher'] = 'chef-automate'
-default['audit']['profiles'].push(
-  {
-    'name': 'ssh',
-    'compliance': 'base/ssh'
-  }
-)
+default['audit']['profiles']['ssh'] = {
+  'name': 'ssh',
+}
 ```
 
 ## Relationship with Chef Audit Mode