Update Audit cookbook to support ChefClient 14 (#313)

* Update Audit cookbook to support ChefClient14. * Update tests for Inspec 2.0 json changes. Signed-off-by: Jared Quick <jquick@chef.io>
chef-boneyard · Apr 19, 2018 · a7ca7d2 · a7ca7d2
1 parent 07a4b13
commit a7ca7d2
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 13 deletions.
diff --git a/.kitchen.yml b/.kitchen.yml
@@ -1,7 +1,6 @@
 ---
 driver:
   name: dokken
-  chef_version: 13.8.5
   privileged: true # because Docker and SystemD/Upstart
 
 transport:

diff --git a/Gemfile b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-gem 'chef', '>= 12.5.1', '<14.0.0'
+gem 'chef', '>= 12.5.1'
 
 if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.2.2')
   gem 'json', '~> 1.8'
@@ -25,7 +25,7 @@ end
 
 group :integration do
   gem 'test-kitchen', '~> 1.16'
-  gem 'kitchen-dokken'
+  gem 'kitchen-dokken', '= 2.6.0'
   gem 'kitchen-ec2', '~> 1.2'
   gem 'kitchen-inspec', '~> 0.18'
 end

diff --git a/resources/inspec_gem.rb b/resources/inspec_gem.rb
@@ -28,7 +28,7 @@
 
   if installation_required
     converge_by 'install latest InSpec version' do
-      install_inspec_gem(version: version, source: source)
+      install_inspec_gem(version: new_resource.version, source: new_resource.source)
     end
   else
     Chef::Log.info("inspec_gem: not installing InSpec. It's already installed or an explicit version was not supplied.")

diff --git a/test/integration/chef-node-disabled/default.rb b/test/integration/chef-node-disabled/default.rb
@@ -1,9 +1,15 @@
 # get most recent json-file output
 json_file = command('ls -t /opt/kitchen/cache/cookbooks/audit/inspec-*.json').stdout.lines.first.chomp
-controls = json(json_file).controls
+controls = json(json_file).profiles.first['controls']
+results = []
+controls.each do |c|
+  c['results'].each do |r|
+    results << r
+  end
+end
 
 # the controls that read from chef_node should fail because the chef_node data should not be present
-cpu_key_control = controls.find { |x| x['code_desc'] == 'Chef node data - cpu key should exist'}
+cpu_key_control = results.find { |x| x['code_desc'] == 'Chef node data - cpu key should exist'}
 cpu_key_control = {} if cpu_key_control.nil?
 
 describe 'cpu_key control' do
@@ -12,7 +18,7 @@
   end
 end
 
-chef_environment_control = controls.find { |x| x['code_desc'] == 'Chef node data - chef_environment should exist'}
+chef_environment_control = results.find { |x| x['code_desc'] == 'Chef node data - chef_environment should exist'}
 chef_environment_control = {} if chef_environment_control.nil?
 
 describe 'chef_environment control' do

diff --git a/test/integration/chef-node-enabled/default.rb b/test/integration/chef-node-enabled/default.rb
@@ -1,9 +1,15 @@
 # get most recent json-file output
 json_file = command('ls -t /opt/kitchen/cache/cookbooks/audit/inspec-*.json').stdout.lines.first.chomp
-controls = json(json_file).controls
+controls = json(json_file).profiles.first['controls']
+results = []
+controls.each do |c|
+  c['results'].each do |r|
+    results << r
+  end
+end
 
 # Test ability to read in Chef node attributes when the chef_node attribute is enabled
-cpu_key_control = controls.find { |x| x['code_desc'] == 'Chef node data - cpu key should exist'}
+cpu_key_control = results.find { |x| x['code_desc'] == 'Chef node data - cpu key should exist'}
 cpu_key_control = {} if cpu_key_control.nil?
 
 describe 'cpu_key control' do
@@ -12,7 +18,7 @@
   end
 end
 
-chef_environment_control = controls.find { |x| x['code_desc'] == 'Chef node data - chef_environment should exist'}
+chef_environment_control = results.find { |x| x['code_desc'] == 'Chef node data - chef_environment should exist'}
 chef_environment_control = {} if chef_environment_control.nil?
 
 describe 'chef_environment control' do

diff --git a/test/integration/inspec-attributes/default.rb b/test/integration/inspec-attributes/default.rb
@@ -1,9 +1,15 @@
 # get most recent json-file output
 json_file = command('ls -t /opt/kitchen/cache/cookbooks/audit/inspec-*.json').stdout.lines.first.chomp
 
-# Ensure the control we expect is present and passed
-controls = json(json_file).controls
-attribute_control = controls.find { |x| x['code_desc'] == 'File /opt/kitchen/cache/attribute-file-exists.test should exist'}
+# ensure the control we expect is present and passed
+controls = json(json_file).profiles.first['controls']
+results = []
+controls.each do |c|
+  c['results'].each do |r|
+    results << r
+  end
+end
+attribute_control = results.find { |x| x['code_desc'] == 'File /opt/kitchen/cache/attribute-file-exists.test should exist'}
 attribute_control = {} if attribute_control.nil?
 
 describe 'attribute control' do