From 635cc4b3793028cf934bb45fed7c1c183eedc8a7 Mon Sep 17 00:00:00 2001 From: "Jeremy J. Miller" Date: Fri, 20 May 2016 08:58:55 -0400 Subject: [PATCH] quiet mode for inspec scans --- attributes/default.rb | 1 + libraries/profile.rb | 4 +++- libraries/report.rb | 6 +++++- recipes/default.rb | 2 ++ spec/unit/recipes/default_spec.rb | 4 ++++ 5 files changed, 15 insertions(+), 2 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 9d015536..32e783b6 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -20,6 +20,7 @@ default['audit']['token'] = nil default['audit']['variant'] = 'chef' default['audit']['owner'] = nil +default['audit']['quiet'] = nil default['audit']['profiles'] = {} # raise exception if Compliance API endpoint is unreachable diff --git a/libraries/profile.rb b/libraries/profile.rb index 8a37b781..5a459eba 100644 --- a/libraries/profile.rb +++ b/libraries/profile.rb @@ -18,6 +18,7 @@ class ComplianceProfile < Chef::Resource # rubocop:disable Metrics/ClassLength property :port, Integer property :token, [String, nil] property :inspec_version, String, default: 'latest' + property :quiet, [TrueClass, FalseClass], default: true # TODO(sr) it might be nice to default to settings from attributes # alternative to (owner, profile)-addressing for profiles, @@ -107,7 +108,8 @@ class ComplianceProfile < Chef::Resource # rubocop:disable Metrics/ClassLength # TODO: flesh out inspec's report CLI interface, # make this an execute[inspec check ...] - runner = ::Inspec::Runner.new('report' => true, 'format' => 'json-min') + output = quiet ? ::File::NULL : $stdout + runner = ::Inspec::Runner.new('report' => true, 'format' => 'json-min', 'output' => output) runner.add_target(path, {}) begin runner.run diff --git a/libraries/report.rb b/libraries/report.rb index ce8bd3f1..bba7c7dd 100644 --- a/libraries/report.rb +++ b/libraries/report.rb @@ -12,6 +12,7 @@ class ComplianceReport < Chef::Resource property :port, Integer property :token, [String, nil] property :variant, String, default: 'chef' # 'chef', 'compliance' + property :quiet, [TrueClass, FalseClass], default: true property :environment, String # default: node.environment property :owner, [String, nil] @@ -25,7 +26,10 @@ class ComplianceReport < Chef::Resource blob = node_info blob[:reports] = reports total_failed = 0 - blob[:reports].each { |k, _| total_failed += blob[:reports][k]['summary']['failure_count'].to_i } + blob[:reports].each do |k, _| + Chef::Log.info "Summary for #{k} #{blob[:reports][k]['summary'].to_json}" if quiet + total_failed += blob[:reports][k]['summary']['failure_count'].to_i + end blob[:profiles] = ownermap # resolve owner diff --git a/recipes/default.rb b/recipes/default.rb index 65fa496e..09894ba6 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -32,6 +32,7 @@ server server token token inspec_version node['audit']['inspec_version'] + quiet node['audit']['quiet'] unless node['audit']['quiet'].nil? action [:fetch, :execute] end end @@ -42,5 +43,6 @@ server server token token variant node['audit']['variant'] + quiet node['audit']['quiet'] unless node['audit']['quiet'].nil? action :execute end if node['audit']['profiles'].values.any? diff --git a/spec/unit/recipes/default_spec.rb b/spec/unit/recipes/default_spec.rb index b50697fd..cc86cc8f 100644 --- a/spec/unit/recipes/default_spec.rb +++ b/spec/unit/recipes/default_spec.rb @@ -36,6 +36,8 @@ runner = ChefSpec::ServerRunner.new(platform: 'centos', version: '6.5') runner.node.set['audit']['profiles'] = { 'admin/myprofile' => true, 'base/ssh' => false } + runner.node.set['audit']['inspec_version'] = 'latest' + runner.node.set['audit']['quiet'] = true runner.converge(described_recipe) end @@ -51,12 +53,14 @@ server: nil, token: nil, inspec_version: 'latest', + quiet: true, ) expect(chef_run).to execute_compliance_report('chef-server').with( owner: nil, server: nil, token: nil, variant: 'chef', + quiet: true, ) end